Last checked and updated on 03 May 2026What Is New in Jenkins 2.414.x
Jenkins 2.414.x LTS delivers significant UI modernization, Java 17 as the new default, and critical security patches. This release continues the project's focus on removing legacy dependencies and improving the core user experience.
| Category | Key Changes |
|---|---|
| New Features | Java 17 as default in containers, Debian 12 base images, last build status on job pages |
| UI Improvements | Modernized sign-in page, updated dropdowns, forms, and content blocks |
| Security | Multiple security advisories addressed, Content-Security-Policy enhancements |
| Bug Fixes | Fixed high memory usage, form validation issues, and plugin manager button behavior |
| Deprecations | Removed Prototype.js dependency, CentOS 7 container images discontinued |
What UI changes were introduced in Jenkins 2.414.x?
The most visible change is the completely redesigned sign-in page with modern visuals and native browser theme support. This update also brings consistent styling to dropdown menus, form controls, and content blocks throughout the interface.
For build monitoring, the job page now displays the last build status directly, giving quicker visibility into project health. The Log Recorder interface was overhauled with better empty state handling and improved visual design.
These changes continue the multi-year effort to modernize Jenkins' UI framework by removing outdated libraries like Prototype.js and adopting contemporary web standards.
How does Jenkins 2.414.x handle Java versions?
This release makes Java 17 the default runtime for container images without explicit JDK tags. The short tags like jenkins/jenkins:2.414.3 now use Java 17 instead of Java 11.
If you need to maintain Java 11 compatibility, you must use explicit tags like jenkins/jenkins:2.414.3-jdk11. The Windows container images also switched from windowsservercore-1809 to windowsservercore-ltsc2019 base images with proper tagging that includes "ltsc2019".
This transition prepares users for Java 21 support in future releases while maintaining backward compatibility for existing deployments.
What security improvements were made?
Multiple security advisories were addressed across the 2.414.x releases, particularly in the 2.414.2 and 2.414.3 versions. These include fixes for vulnerabilities that could allow unauthorized access or other security breaches.
The Content Security Policy was enhanced to include allow-same-origin directives for workspace and artifact browsers when the Resource Root URL feature isn't used. This prevents issues with reverse proxies blocking cross-site requests for stylesheets and images.
Additional security headers were added to agent listener responses to address false positives from security scanners that incorrectly flagged missing X-Content-Type-Options headers.
What performance issues were resolved?
A critical memory leak in XStream2.AssociatedConverterImpl that was introduced in version 2.405 was fixed. This addresses high memory usage that could lead to performance degradation or out-of-memory errors.
The release also resolves thread creation issues where numerous HTTP requests could spawn excessive threads, potentially overwhelming the system. Agent-side thread creation errors under rare race conditions were reduced through Remoting improvements.
For artifact management, performance displaying build artifacts with remote managers like S3 was restored after a security fix in 2.394 caused substantial slowdowns.
What compatibility breaks should I watch for?
The removal of Prototype.js affects plugins that still depend on this legacy library. The Global Build Stats plugin required an update to version 282.v79ca_e079d1b_1 or later to maintain functionality.
The Login Theme plugin experienced compatibility issues with the new sign-in page design. While fixes were delivered in 2.414.2, users must update to the latest plugin version after upgrading Jenkins.
CentOS 7 container images were discontinued due to Red Hat Enterprise Linux 7 reaching end-of-life. Users should migrate to newer base images like Debian 12 (bookworm) which became the new default.
FAQ
Why does my login page look different after upgrading?
Jenkins 2.414.x includes a completely redesigned sign-in page with modern visuals and native browser theme support. If you use the Login Theme plugin, you'll need to update it after upgrading Jenkins to ensure compatibility.
How do I keep using Java 11 with the new container images?
Use explicit JDK tags like jenkins/jenkins:2.414.3-jdk11 instead of the short tags. The default short tags now use Java 17 instead of Java 11.
What should I do about the Prototype.js removal?
Update any plugins that depended on Prototype.js. Specifically, the Global Build Stats plugin needs version 282.v79ca_e079d1b_1 or later. Most core functionality was already migrated away from Prototype in earlier releases.
Why are my form validations behaving differently?
Form validation errors that were initially hidden now properly display, and previous errors clear when new validation content appears. This fixes regressions that existed since version 2.355.
What happened to CentOS 7 container images?
They were discontinued because Red Hat Enterprise Linux 7 and its derivatives reached end-of-life. The new default Debian 12 (bookworm) images provide a more secure and maintained base platform.