[Looking for Charlie's main web site?]

Return of AWS Lambda support in ColdFusion 2021 Update 2...well, kinda

Some folks may have heard or noticed that update 2 of CF2021 has returned "CF AWS Lambda" support. And while I was delighted to hear that news, my excitement dimmed when I saw what the "returned feature" was about. (As a reminder, the feature had been removed shortly after the initial release of CF2021, in news I shared then.)

TLDR; While the original CF AWS Lambda feature (removed shortly after the release) let you CREATE AWS Lambda/serverless packages written in CFML, the feature as "returned" to us now in update 2 only allows you to CALL AWS Lambda functions from within CFML. That's QUITE a difference.

And sure, there's value in being able to call AWS LAMBDAS in cfml, as I'll note. (And yes, it's already possible to execute cfml in AWS Lambdas in Lucee via Fuseless, as I also note later.) I just am really hopeful that at some later point the original capability will be returned.

Below, I share how I came to understand things..including more on what was possible before, what we were even teased by over the summer in the prerelease of CF2021 update 2, and then finally what the current capability allows.

[....Continue Reading....]

New updates released for Java 8 and 11 (and 17), Oct 2021

New JVM updates have been released yesterday (Oct 19, 2021) for the current long-term support (LTS) releases of Oracle Java, 8, 11, and 17. (Note that prior to Java 9, releases of Java were known technically as 1.x, to 8 is referred to in resources below as 1.8.) While the news has been announced by Oracle and shared in the IT press, I know that some of my readers don't necessarily follow those sources closely.

The new updates are 1.8.0_311, (aka 8u311), 11.0.13, and 17.0.1, respectively).

For more on them, including information on the security fixes and bug fixes they each contain, see the Oracle resources I list below, as well as some additional info I offer for if you may be skipping to this from a JVM update from before Apr 2021, as well as info for Adobe ColdFusion users on where to find the updated Java versions, what JVM versions Adobe CF supports, and more.

[....Continue Reading....]

Beware of ransomware attacks happening on ColdFusion 9 and earlier

If you're running CF9 or 8, beware: a recent spate of ransomware attacks have occurred, hitting such old CF servers that were not updated (in ways offered by Adobe in 2010!) This news has been reported in various security industry press, but I want to share here more that they generally did not.

TLDR; A most basic message to hear is "get off of CF9", or any version of CF that is no longer supported. But for the sake of those who wonder, "while I work on that, is my CF 9 really impacted?", I address that, and more. But again updating 9 to just "leave it at that" and get on with your life is NOT the main message to be hearing!

Of course, it's always risky to run old versions of software, and to be clear, CF9 was released in 2009 and CF8 in 2007. Sadly, some shops drag their feet to keep even such old software updated (they each got updates for 5 years after their release). But the problem is really coming home to roost for some.

Who's affected, and who's not? And what can you do, if still on CF9 or 8? And what more is known about the attack?

For more, read on. (BTW, yes I am aware that this is not "new info", as some were sharing it as much as 2 weeks ago. It simply took me time to gather up all the info below, to provide more specifics than those general interest articles were sharing.)

[....Continue Reading....]

Copyright ©2024 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting