TLDR; For some folks, the above may be all you need to hear: you may be dropping your coffee and donuts now to get the update applied. Still others will see this "huge post" and think, "crap, I don't have time for this". For you, skip to the bottom and its "concluding key points". You can then decide what you think you do or don't "need to know" and pick and choose from the sections as you like.

Finally, for those who prefer because of the importance of all this to be led more carefully through understanding things (in a way that's worked for the many people I have helped so far this week, and is far more than either Adobe or Hackernews has shared), please do read on.

[....Continue Reading....]

For more on the event, my talk, and how this means I have to skip attending/speaking at DevNexus the same week, read on.

[....Continue Reading....]

For more, read on.

[....Continue Reading....]

Since it's mentioned in many places on the web, I wanted to help spread this news. This cfml-slack.net URL replaces that, while the URL for the CFML Slack channel itself is unchanged: cfml.slack.com.

For more explanation/context, and especially if you may be new to considering the CFML Slack, read on.

[....Continue Reading....]

As for CF2021, it gets updates into 2025, and the currently running pre-release of CF2023 is a great sign for the continued vitality of CF. But this looming deadline for CF2018 is a reminder that as the years roll on, we not only get new versions but we must say good-bye to old ones.

Wondering what you can do? or when CF2021 or CF2023 support will end also? And what's the difference between "core" and "extended" support Adobe sells? (The extended support plan does NOT provide updates beyond this coming July.) For more on these, including official Adobe documentation that discusses such things, as well as my thoughts on migration, costs, various options to consider, and more, do read on.

[....Continue Reading....]

As for my session, it will be "Transitioning to Java 17 from 11 or 8 for Admins":

[....Continue Reading....]

You can learn more (in brief) about what's new in the bullets for 9.2.0 offered at the release notes page.

TLDR: For some folks, news of the new version is all the need to hear. For those who may like to hear a bit more about the update, read on.

[....Continue Reading....]

Update: Since I posted this last night, I've heard some people assert "this is not new behavior: Java's always popped up and offered to remove old versions". Those folks are misunderstanding something: that was true of past JRE installers (like in Java 8 and earlier, which don't exist for Java 11), but it was never the case for Oracle JDK installers (even for Java 8). THAT's what's new about the JDK 11 and 17 installers, and it's DOCUMENTED in the release notes, as I discuss below. But it may surprise those who never saw a JDK installer do that, thus this post. (The rest of this post remains unchanged.)

I'm referring here to new behavior in the JDK installers from the Jan 2023 update, which I blogged about recently. This topic will apply also to subsequent JVM updates as they come out in the future. (Fortunately for some, this issue does NOT affect those running Java 8 or below, or Java 19 or above, as I will explain.)

While the technotes for the new updates (which I point to in my post above) do make mention of the issue I'm describing, I don't feel they do it in as obvious a manner as they might (it's not clear how it affects CURRENTLY installed earlier updates of JDK 11 or 17)., and I've already helped some people dealing with the ramifications of the change. And of course it's all the MORE important to make sure this is made known to those who might NOT read the release notes.

I've also found that the JDK installer doesn't ALWAYS warn that there are running processes using the older JDK version that it's about to remove. And to be clear, it won't warn about applications that are NOT running but which are configured to try to use the older JDK version that would be removed.

Read on for:

• The issue, in brief: JDK installers now implement a single-minor-version-per-major-version policy, deleting older JDK installations
• The implications of this changed behavior which may trip you up--and a solution
• Some closing considerations

[....Continue Reading....]

TLDR: The new updates are 1.8.0_361 (aka 8u361), 11.0.18, 17.0.6, and 19.0.2 respectively). For more on each of them, including what changed and the security fixes they each contain (including their CVE scores regarding urgency of concerns), see the Oracle resources I list below. Oracle calls them "critical patch updates" (yep, CPU), but they are in fact scheduled quarterly updates, so that "critical" nomenclature may be a bit overstated. And as is generally the case with these Java updates, most of them have the same changes and fixes as each other, though not always.

Update: After posting this, I learned of some rather surprising implications of a new feature of the new JDK installer. For more, see another post I created.

For some folks, that's all they need to hear. For others, read on for topics like:

• Finding more info on these Jan 2023 Java updates
• What about other JVM distributions besides Oracle?
• News for my CF audience (getting the Java updates from Adobe or Oracle, how to update, why you should NOT for now use Java 17 with CF, etc)
• Should you apply the update? how soon?
• Beware a change in the Oct 22 JVM update regarding Java no longer trusting jars signed with SHA-1
• Beware a change in the April 2021 JVM update, if you may be skipping over it
• Wrapping up, getting more help

[....Continue Reading....]

For now, only the Alpha has been announced, and the number of registrants allowed may be limited.

For more on that and about the prerelease (what can be gleaned/shared publicly), read on.

[....Continue Reading....]