In brief, this update (for all 3 versions) ad.dresses several P1 (Priority 1, "Critical") security vulnerabilities, and also updates Tomcat, along with updating several CF packages, and makes some other changes (see below). Note that Adobe is also reporting currently that, "Adobe is not aware of any exploits in the wild for any of the issues addressed in these updates."

In this post, I share the details about the update (from Adobe and from others). I also share additional info you may want to consider before (or after) doing the update. 

Having installed the update for each of the releases on multiple machines, I can report that it went well expect for this:

Warning: on CF2023, after applying the update, I and others have experiences that the CF Admin is inaccessible and packages that were updates are unexpectedly uninstalled. I will offer a follow-up post on that, including how to solve the problem (until Adobe does), and how to ensure your own manual efforts to solve it are complete.

[....Continue Reading....]

There's more to consider. For that, read on.

[....Continue Reading....]

TLDR: The new updates are 1.8.0_471 (aka 8u471), 11.0.29, 17.0.17, 21.0.9, and 25.0.1, respectively. More on the updates below, including links to more info on each of them including what changed, bug fixes, and the security fixes each version contains. (I also offer a quick assessment of the updates with respect to my primary audience, users of CFML engines.)

[....Continue Reading....]

As usual, there are a number of things you should consider before (or after) doing the update, with some discussed in Adobe's resources on the update (there are more than one), and some info that I share below based on my experience helping people apply this and past updates.

In this post, I share the details about the update (from Adobe and from others). I can report I have installed the update for each release on multiple machines and operating systems without any major incidents. As for challenges (common to recent releases) and lessons learned (about this update), read on.

[....Continue Reading....]

TLDR: The new updates are 1.8.0_461 (aka 8u461), 11.0.28, 17.0.16, 21.0.8, and 24.0.2, respectively. More on the updates below, including links to more info on each of them including what changed, bug fixes, and the security fixes each version contains. (I also offer a quick assessment of the updates with respect to my primary audience, users of CFML engines.)

[....Continue Reading....]

As usual, there are a number of things you should consider before (or after) doing the update, with some discussed in Adobe's resources on the update (more than one), and some that I share below based on my experience helping people apply this and past updates. Finally, the update corrects some issues introduced in the previous updates, released in May.

In this post, I share the details about the update (from Adobe and from others). I can report I have installed the update for each release on multiple machines and operating systems without any major incidents. As for challenges (common to recent releases) and lessons learned (about this update), read on.

[....Continue Reading....]

I want to announce in particular here that I'll be offering the first talk of the week: "Debugging and Error Handling in ColdFusion". Read on for more.

[....Continue Reading....]

The update also incorporates potentially breaking changes (with Adobe trading compatibility for security), while it also includes configurable options to undo those changes (if you prefer to trade away security for compatibility). Finally, the update corrects some issues introduced in the previous updates, released in April.

In this post, I share the details about the update (from Adobe and from others). I can report I have installed both updates on multiple machines and operating systems without incident. As for challenges or lessons learned, I may do a follow-up post as I/we all learn more.

For more details, read on.

[....Continue Reading....]

I'll be presenting a talk on this topic, online today, at noon US Eastern, on the CFMeetup Youtube livestream (which will be recorded). Folks who are members of the Online ColdFusion Meetup will have already gotten email notification about this, including the meeting URL, but for those who are not members here are the details:

[....Continue Reading....]

TLDR: The new updates are 1.8.0_451 (aka 8u451), 11.0.27, 17.0.15, 21.0.7, and 24.0.1, respectively. Crazy that there are now 5 current Java releases, I do realize. More below, including links to more on each of them including what changed, bug fixes, and the security fixes each version contains, which are offered in Oracle resources I list below.

[....Continue Reading....]