Jenkins

vjenkins-2.565 scope: jenkins Security

This release includes 1 security fix for security teams reviewing exposed deployments.

Published 14d Pipelines

View tool

✓ No known CVEs patched

Read the diff → Tool health → What is this tool? →

This release patches 1 known CVE

Topics

ci-cd devops groovy java jenkins pipelines-as-code

Summary

AI summary

Fixed a race condition causing loss of lazy‑built records.

Changes in this release

Type	Severity	Summary	CVE
Security	Medium	Limit SECURITY-3657 fix to controller JVM Limit SECURITY-3657 fix to controller JVM Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low	—
Bugfix	Medium	Fix race in LazyBuildMixIn losing build records Fix race in LazyBuildMixIn losing build records Source: granite4.1:8b-q6_K@2026-05-20 Confidence: high	—
Bugfix	Medium	Make `.../build` URL use regular RequirePOST notice Make `.../build` URL use regular RequirePOST notice Source: granite4.1:8b-q6_K@2026-05-20 Confidence: low	—

Full changelog

This is an automatically generated changelog draft for Jenkins weekly releases.
See https://www.jenkins.io/changelog/2.565/ for the official changelog for this release.

🐛 Bug fixes

Fix race in LazyBuildMixIn losing build records by @akca in https://github.com/jenkinsci/jenkins/pull/26700
Limit SECURITY-3657 fix to controller JVM by @daniel-beck in https://github.com/jenkinsci/jenkins/pull/26709
Make .../build URL use regular RequirePOST notice by @daniel-beck in https://github.com/jenkinsci/jenkins/pull/26333

Security Fixes

SECURITY-3657 – limited fix to controller JVM

View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Jenkins

Get notified when new releases ship.

About Jenkins

Jenkins automation server

All releases →

Jenkins

Summary

Changes in this release

🐛 Bug fixes

Security Fixes

Related context

Related tools