Hi Team,
We are currently using Jenkins LTS 2.387.3 hosted on Azure vm.
In order to mitigate the Jenkins CVE 2024-23897, we are planning to upgrade our current Jenkins application to LTS 2.426.3.
As part of this i went through the upgrade guides and java requirements indicated in official jenkins.io documentation and came up with below outcome
Jenkins upgrade from LTS 2.387.3 to LTS 2.426.3
Step 1.
Upgrading from Jenkins LTS 2.387.3 to Jenkins LTS 2.401.x
No noteworthy changes to apply
Step 2.
Upgrading from Jenkins LTS 2.401.X to Jenkins LTS 2.414.x
Plugins related update
Categorized view version 1.13 or newer
Build Monitor View version 1.14-745.ve2023a_305f40 or newer
Step 3.
Upgrading from Jenkins LTS 2.414.x to Jenkins LTS 2.426.x
Java 21 support, Java 11/17 is still supported
Here are my few queries regarding this outcome.
- We are not using the plugins indicated in Step 2, but do we still need to consider upgrading these plugins ?
- We are currently, using remoting version 3107.v665000b_51092 (JNLP launcher, websocket communication protocol for jenkins agent/windows server)
As indicated in Step 3, minimum required remoting version is 4.13,
i assume that remoting version is nothing but the agent.jar that can be downloaded when configure jenkins node.
Currently, our windows server has a task scheduler that runs a .bat script to connect to jenkins controller, which has a curl command to download the agent.jar file.
So, the above curl command will automatically download and reference the latest agent.jar supporting remoting version 4.13 right ?
or do i still need to download the new agent.jar after the upgrade and replace in the jenkins agent path while connecting this agent to jenkins controller ?
- Apart from the above indicated i dont see any significant impact or changes to be cautious of before directly upgrading from LTS 2.387.3 to LTS 2.426.3. So, if my assesment is correct can i go ahead and upgrade directly to upgrade my current jenkins version LTS 2.387.3 to LTS 2.426.3 ?
Let me know if i have missed anything or to take note.
Really appreciate your honest feedback.
Regards,
Azeem