Compare releases

Compare releases and check for compatibility between your existing Octopus Server and new releases.

What's new

These are the most important features you'll get by upgrading from 2019.5.12 to 2019.6.14

Octopus 2019.6

Highlights

  • Build information and work item tracking captures metadata about work items and build details and surfaces them with links to the appropriate sites.
  • Release notes templates and automatic release notes generation makes it easy to generate and share the changes that are going into your releases.
  • Octopus integration with Jira which provides two-way links between your Jira issues and your deployments.
  • Expanded Script Module support for C#, F# and Bash and Python.
  • Linux Tentacle early access unlocks the ability to deploy to Linux servers in highly secure environments where inbound ports cannot be opened on production servers.

Read our [Octopus 2019.6 blog post to learn more.

Breaking changes

This release includes the following breaking changes:

  • There are some very slight changes to the format of the output returned by the Octopus.Server.exe show-configuration command. This functionality is unlikely to affect you, but if you are using this to drive automation, please test the new release before upgrading.
  • To support some customers who have Active Directory configurations where users share email addresses, we have had to remove the uniqueness restriction on user email.
  • Health check properties of machine policies have changed to accommodate Linux Tentacle. TentacleEndpointHealthCheckPolicy has been renamed to PowerShellHealthCheckPolicy and SshEndpointHealthCheckPolicy has been renamed to BashHealthCheckPolicy. Any custom tools that create machine policies should use the new property names.
  • The SSH health check policy OnlyConnectivity configuration option is now a policy-wide setting. Raw scripting on SSH targets commonly uses this setting. If you are using this setting, Octopus will create a new machine policy during the upgrade. Please refer to this GitHub issue for details if this is relevant to you.

Octopus 2019.5

Highlights

  • Updated build information and work item tracking to fix bugs and improve release note generation
  • Expanded script module support for C# (and F# and Bash and Python)

Read our blog post to learn more.

Breaking Changes

  • Remove the uniqueness restriction on user email addresses to support some customers who have Active Directory configurations where users share email addresses.

  • Health check properties of machine policies have changed to accommodate Linux Tentacle. TentacleEndpointHealthCheckPolicy has been renamed to PowerShellHealthCheckPolicy and SshEndpointHealthCheckPolicy has been renamed to BashHealthCheckPolicy. Any custom tools that create machine policies should use the new property names.

  • The OnlyConnectivity option that was configured on SSH health check policies is now a policy-wide setting. This setting is commonly used for raw scripting on SSH targets. If you are using this setting a new machine policy will be created during the Octopus Server upgrade. Please refer to this GitHub issue for details, you may need to take action.

  • Permissions are now more strictly enforced for creating and modifying teams and users, to avoid users being able to escalate their own permissions. Please see 5537 for more information.

Release notes

These are the features and fixes you'll get by upgrading from 2019.5.12 to 2019.6.14.

Changes in Octopus Server 2019.6.14

  • 5996 - CSRF cookie sometimes missing secure attribute - CVE: CVE-2019-19375
  • 6000 - Fixed an error calling octo create-release when package version supplied for a deploy a release step does not exist
  • 6003 - Invalid request submitted to Team API can cause denial of service - CVE: CVE-2019-19376

Changes in Octopus Server 2019.6.13

  • 5982 - Fixed an information disclosure vulnerability during error handling of maliciously crafted packages on Octopus Cloud - CVE: CVE-2019-19084

Changes in Octopus Server 2019.6.12

  • 5962 - Upgraded Let's Encrypt support to ACME v2

Changes in Octopus Server 2019.6.11

  • 5956 - Fixed an information disclosure vulnerability during error handling of maliciously crafted packages - CVE: CVE-2019-19084
  • 5959 - Fixed a stored cross-site-scripting (XSS) vulnerability - CVE: CVE-2019-19085

Changes in Octopus Server 2019.6.10

  • 5932 - Fixes rare crash in editing a package deployment step if a large amount of feeds are present

Changes in Octopus Server 2019.6.9

  • 5850 - Handle bad Auto Release Creation configuration better and allow users to resolve it
  • 5856 - Resolved issue saving deploy kubernetes containers step when memory requirements set but not cpu

Changes in Octopus Server 2019.6.8

  • 5765 - Resolved issue where extracting template from deployment step could result in 'Given key not present in dictionary' error
  • 5786 - Fixed a bug that prevent upgrades when malformed artifact documents exist
  • 5809 - Fixed a null reference exception that occurred on login in some AD configurations after upgrade beyond 2019.5.0

Changes in Octopus Server 2019.6.7

  • 5749 - Tentacle TentacleProxyPassword logged in clear text when OctopusPrintVariables is set
  • 5760 - TentacleProxyPassword logged in clear text if $env:HTTP_PROXY is printed and password contains special characters

Changes in Octopus Server 2019.6.6

  • 5724 - Improved parsing of Jira issue references, and only display Jira issues that exist in the configured Jira instance (requires a username and password to be configured on the Jira issue tracker settings page)
  • 5753 - Fixed some sensitive value handling in the server config API/portal UI - CVE: CVE-2019-14525

Changes in Octopus Server 2019.6.5

  • 5703 - Fix for Project Deploy Release page appears to hang with a large number of tenants
  • 5705 - Fix for incorrectly migrated user roles that could not be saved due to validation error
  • 5708 - Create correct commit links in Octopus when using git@<host>: URLs in the VCS root in package metadata
  • 5715 - Fix for project and project-group scoped permission UI issues
  • 5717 - Fix for Upgrading from 2018.10 to 2019.3+ fails when package configuration contains forward slashes
  • 5719 - Fix for Tenant variablesmissing endpoint is slow to load with a project/tenant filter when there are many tenants variables
  • 5738 - Fixed issue where proxy password was in certain circumstances rendered as clear text in deployment log - CVE: CVE-2019-14268

Changes in Octopus Server 2019.6.4

  • 5682 - Fixed an issue where server would fail to start due to incompatibility checks after upgrading from older versions
  • 5697 - Wildfly deployments working again

Changes in Octopus Server 2019.6.3

  • 5671 - Fixed issue where historical feed data in database caused primary key violation when creating a new space
  • 5673 - Fixed an issue where the UI would prevent you from selecting an environment to deploy to if your DeploymentCreate permissions were scoped to tenants
  • 5675 - Deployments awaiting manual intervention will no longer block other deployments to the environment by default. This behavior can now be controlled by a switch on the manual intervention step

Changes in Octopus Server 2019.6.2

  • 5665 - Fix an issue where it was not possible to select a certificate or account when using tenant variables

Changes in Octopus Server 2019.6.1

  • 5663 - Fixed the logic in Azure Service Fabric deployments to determine if upgrades are available

Changes in Octopus Server 2019.6.0

  • 5651 - Added validation to the IIS configuration to ensure a hostname is entered when SNI is enabled
  • 5650 - Show error message when kubectl returns error message

Changes in Octopus Server 2019.5.12

  • 4964 - Added special variable OctopusUseBundledAwsCLI to allow opting out of using the bundled AWS CLI
  • 5360 - Added special variable OctopusUseBundledAwsPowerShellModules to allow opting out of using the bundled AWS PowerShell modules
  • 5395 - Update bundled AWS CLI to 1.16.178
  • 5466 - Variable selector on tenant variables now includes variables from the selected project
  • 5467 - Variables supplied from parent to child projects with Deploy Release steps will correctly have a higher specificity score now allowing them to always overwrite child variables
  • 5474 - Added an option to merge instead of replace IIS bindings
  • 5575 - Fix for TypeError on certificate search, when certificate data was in an unexpected state
  • 5584 - If SMTP is configured to use SSL/TLS and initial connection using SSL fails, we try to connect using TLS instead. If SMTP is not configured to use SSL/TLS we intially try to connect using TLS but if that fails we connect using an insecure connection
  • 5589 - Fix for audit entries on variables where no changes were made
  • 5608 - Fixed bug that was preventing Automatic Release Creation from running when an unrelated package was of a higher version than the package specified for ARC
  • 5621 - Fix issue where filter in dropdown can’t be focused
  • 5624 - Bugfix paging through docker registry results
  • 5626 - Tentacle has wriggled into the Linux category for deployment targets and workers
  • 5630 - Fixed issue where usage of Token account variables was not shown correctly in the UI
  • 5631 - Updated bundled Tentacle which has improved connection retry logic and certificate import improvements
  • 5632 - Fixed an issue with boolean handling in the Azure Resource Group template step's code editor
  • 5637 - Service Fabric profile flag to disable upgrades is now honoured
  • 5638 - Added report about executing threads stacks as part of Diagnostics zip
  • 5641 - Fixed a bug where Octopus can take a long time to connect to deployment targets