The issue is not fixed in Jenkins 1.467.
I'm on 1.480.3-LTS with Role Strategy plugin 1.1.2 and Nested View Plugin 1.8.
We have several top-level-views, which are only shown, when a user has the (global) View.READ permission. They are not shown as tabs in the UI, but can be accesed by directly invoking the view's URL. These views are of the type "Nested View" and do not contain other jobs.
This means that the "backward compatibility" trick in JENKINS-3681 does not work, when a view contains only other views (and no jobs).
A user can either see all views (by means of the View.READ) permission, or only views containing Jobs.
Users have "Read" rights on "View" item but don't have "Configure" rights on "View" item. When "Configure" rights on "View" item is checked, regular users can see any nested-views but this configuration is unsafe.