The new updates are 1.8.0_331, (aka 8u331), 11.0.15, 17.0.3, and 18.0.1 respectively). And as is generally the case with these Java updates, most of them have the same changes and fixes.

For more on them, including changes as well as the security and bug fixes they each contain, see the Oracle resources I list below, as well as some additional info I offer for if you may be skipping to this from a JVM update from before Apr 2021. I also offer info for Adobe ColdFusion users on where to find the updated Java versions, what JVM versions Adobe CF supports, and more.

[....Continue Reading....]

The new updates are 1.8.0_321, (aka 8u321), 11.0.14, and 17.0.2, respectively).

For more on them, including information on the security fixes and bug fixes they each contain, see the Oracle resources I list below, as well as some additional info I offer for if you may be skipping to this from a JVM update from before Apr 2021, as well as info for Adobe ColdFusion users on where to find the updated Java versions, what JVM versions Adobe CF supports, and more.

[....Continue Reading....]

The new updates are 1.8.0_311, (aka 8u311), 11.0.13, and 17.0.1, respectively).

For more on them, including information on the security fixes and bug fixes they each contain, see the Oracle resources I list below, as well as some additional info I offer for if you may be skipping to this from a JVM update from before Apr 2021, as well as info for Adobe ColdFusion users on where to find the updated Java versions, what JVM versions Adobe CF supports, and more.

[....Continue Reading....]

I've seen the problem raised often enough that when I saw someone raising it this weekend, I decided to solve it by creating a new folder in the cfmlrepo.com site, at least for CF2021 and CF2018 (for now), offering there the initial versions of all the neo-*.xml files for those two editions.

For more information, see what I shared (including more background on the issue, where I got the files, where I put the files, and more) in my reply about all this to the CF Community thread where the user raised the need this weekend.

And for the sake of those who may "just want the files" without any need of explanation or warnings:

• cfmlrepo folder of neo-*.xml files for CF2021
• cfmlrepo folder of neo-*.xml files for CF2018

I welcome thoughts, feedback, or suggestions.

[....Continue Reading....]

• First, you can now pull images from Amazon Elastic Container Registry (ECR), including both the CF2021 image and 2018, as well as the add-on and PMT images for CF2021. These are official Adobe images, to be clear. A simple example--that works today--and will give you the CF2021 update 1 image is the following:
  docker pull public.ecr.aws/adobe/coldfusion:latest
• Second, you can now also get Adobe CF images from Dockerhub, at least as of Sept 2021. Update: When I first wrote this in June, there was still no dockerhub repo. That changed in July when the CF Dockerhub repo was created, and now as of this update on 9/13/2021, you can get the 2021 update 1 image using:
  docker pull adobecoldfusion/coldfusion:latest
• Update: As of a check July 6. 2021, the bintray repo is indeed no longer available. That said, you can still use the images you may have pulled, even using the eaps.bintray.com/coldfusion repo name prefix before the image names. It's only pull requests that will fail. Going forward, use the other options above. Here's what I had written back on June 17: Finally, despite what the Adobe and Bintray sites said about the May 1 "closure" of bintray, saying that images would be inaccessible after that date, Docker images at Bintray DO remain available for now. This includes CF2021 update 1, CF2018 update 11, CF2016 update 17, and more, so existing docker pulls against those do still work, at least as I write today, June 17 2021

Both the first two were mentioned in a comment yesterday on the Adobe CF forums. And I discovered how the continued Bintray image availability while writing up this post to share the news about those other two!

For more information, including additional background on this transition, more on using the ECR images, and still more links to resources discussing these things, including docs on using the Adobe CF images that many never seem to notice, read on. (I also did an "in brief" version of this post on the Adobe CF portal, where I share the "least you need to know" above. Again, for the rest which should be interesting stuff for many, read on.)

[....Continue Reading....]

ColdFusion at 25: not the kid most have stuck in their minds

As ColdFusion turns 26 next month, many seem stuck remembering it only as the "teen" they knew or even the "child", when instead it's grown up to be a capable "adult", impressive in many ways, and even more so recently. In this session, we'll look back at how CF has indeed evolved into a very capable platform, with quite modern features that seem to surprise many--including people working with it currently. If you struggle "finding CF people" or "getting buy-in", perhaps these observations could help you with both challenges. If nothing else, they're things designed simply to help you get your job done, while keeping up with modern practices.

We'll start with many modern coding techniques--which will be familiar to those using more "modern" languages but that many don't realize CF supports, and may have for years. We'll then look at ways that things such as CF installation/deployment, configuration/administration, monitoring, security, and more have improved over the years. And we'll look not only at CF itself but the community surrounding it, ranging from resources for help and learning to tools and services that others have created, making CF a far more complete ecosystem than most give it credit. Put another way: it's not your father's CF!

I look forward to presenting this topic and hope you'll come check it out.

For most, you should read on, especially about an important change regarding TLS support (and calling out to servers not yet running TLS 1.2 or above). I cover that and other important topics:

• What's in the JVM update, do you need to update to it?
• A key change in this Java update: calls out to TLS 1.1 or 1.0 no longer allowed, by default
• Re-enabling support for calling out to old TLS versions
• Groundhog day: you'll need do make this java.security file change on any later JVM updates
• Should you update to the new JVM version?
• The importance of testing such updates/changes
• More questions you may surely have, and finding answers to them
• Obtaining the updated Java installers

[....Continue Reading....]

Some good news is that ColdFusion offers simple ways/variables that can show you each of these, via CFML code. In this post, I share that. I share first a simple single variable which works in CF2018 and above, then I offer a variation for those on CF2016 and earlier, as well as variations for Lucee.

[....Continue Reading....]

The recent release of CF2021 is a great sign for the continued vitality of CF, but this looming deadline is a reminder that as the years roll on, we not only get new versions but we say good-bye to old ones.

Wondering what you can do? or when CF2018 or CF2021 support ends? And what's the difference between "core" and paid Adobe support plans? For more on these, as well as official Adobe documentation that discusses such things, read on.

[Update: CF2016 users got a "reprieve" of sorts, when Adobe released updates to CF2021 and 2018 in March 2021, and they also offered the final update to CF2016, update 17, especially because it address a security vulnerability. Sadly, some of the changes in the update--not related to the security fix--were "breaking" changes. For more on that update, see the Adobe blog post from March 2021.)

[....Continue Reading....]