[Looking for Charlie's main web site?]

FusionReactor 8.7.4 released, now tracks JDBC time, etc. much more noticeably

FusionReactor version 8.7.4 was released recently (Oct 28. 2021), and while the release notes list several improvement (and a few bug fixes), I want to highlight in particular a couple of new features.

TLDR; The first improvement is one I've been looking forward to for years: the display of JDBC time spent and time spent calling out to remote services on the pages that list requests, like active/longest/slow requests. This will really speed up assessment of the reason of slowness in listed requests. See the screenshot below, and still more as well as another new feature.

[....Continue Reading....]

New updates released for Java 8 and 11 (and 17), Oct 2021

New JVM updates have been released yesterday (Oct 19, 2021) for the current long-term support (LTS) releases of Oracle Java, 8, 11, and 17. (Note that prior to Java 9, releases of Java were known technically as 1.x, to 8 is referred to in resources below as 1.8.) While the news has been announced by Oracle and shared in the IT press, I know that some of my readers don't necessarily follow those sources closely.

The new updates are 1.8.0_311, (aka 8u311), 11.0.13, and 17.0.1, respectively).

For more on them, including information on the security fixes and bug fixes they each contain, see the Oracle resources I list below, as well as some additional info I offer for if you may be skipping to this from a JVM update from before Apr 2021, as well as info for Adobe ColdFusion users on where to find the updated Java versions, what JVM versions Adobe CF supports, and more.

[....Continue Reading....]

Beware of ransomware attacks happening on ColdFusion 9 and earlier

If you're running CF9 or 8, beware: a recent spate of ransomware attacks have occurred, hitting such old CF servers that were not updated (in ways offered by Adobe in 2010!) This news has been reported in various security industry press, but I want to share here more that they generally did not.

TLDR; A most basic message to hear is "get off of CF9", or any version of CF that is no longer supported. But for the sake of those who wonder, "while I work on that, is my CF 9 really impacted?", I address that, and more. But again updating 9 to just "leave it at that" and get on with your life is NOT the main message to be hearing!

Of course, it's always risky to run old versions of software, and to be clear, CF9 was released in 2009 and CF8 in 2007. Sadly, some shops drag their feet to keep even such old software updated (they each got updates for 5 years after their release). But the problem is really coming home to roost for some.

Who's affected, and who's not? And what can you do, if still on CF9 or 8? And what more is known about the attack?

For more, read on. (BTW, yes I am aware that this is not "new info", as some were sharing it as much as 2 weeks ago. It simply took me time to gather up all the info below, to provide more specifics than those general interest articles were sharing.)

[....Continue Reading....]

FusionReactor 8.7.3 released: some email-related enhancements/fixes

FusionReactor users will want to know that an update 8.7.3 had been released, Aug 12 2021. This update addresses in particular a few enhancements/fixes related to configuring email settings in FR. I'll share a bit more on each below. (If you notice that your reports/alerts were not showing up in recent weeks, there was a problem for some that this update fixes. More below.)

Of course, if you view your FR on-premises user interface, that should inform you when a new version is available (at least since FR versions of the past couple of years). You can also learn of FR updates via the FR downloads page.  As for what the update offers, that's offered in the release notes, whose link is also offered on that downloads page above. 

For the TL;DR crowd, if the brief several words per fix offered in those release notes may be enough for you, you're done. If instead you're left wondering just what they may be referring to, I can elaborate. The changes are things I'm especially glad to see.

[....Continue Reading....]

Lots more to the current CF2021, 2018 prerelease than folks may realize

Have you checked out the many things coming in the updates for CF2021 and 2018 in prerelease the past few weeks? Anyone is welcome to join the prerelease, logging in with an Adobe account. It's a lot more substantial than I think most realize.

[....Continue Reading....]

Version numbers of libraries underlying ColdFusion 2021

Are you wondering what updates have been made (in terms of version numbers) to the libraries underlying CF2021?

For instance, what's the version of ehcache? What about Java, Tomcat, Hibernate, Quartz, jQuery, and so on?

In this post, I offer a rundown of what seem the most significant libraries and their versions, as deployed in the first release of ColdFusion (2021 Release). This is something I have been doing in my "hidden gems" talks for the past several releases. I also explain here how I find these version numbers, which isn't always obvious, in case that may help anyone (and also because some libraries may change with future updates to CF2021). I also offer some commentary on why this matter of library versions is important to some, as well as some counterpoints to the demands some have that every library should always be the absolute latest version (and why that's just not practicable).

If you just want the version numbers without the "waffle", look for the bulleted list of them below. :-)

[....Continue Reading....]

Be aware that updates to ColdFusion 2016 will end Feb 2021

Are you still running ColdFusion 2016? Did you know that its "core" support (meaning, public updates from Adobe) will end in just a couple of months, Feb 21 2021? Same for CFBuilder 2016.

The recent release of CF2021 is a great sign for the continued vitality of CF, but this looming deadline is a reminder that as the years roll on, we not only get new versions but we say good-bye to old ones.

Wondering what you can do? or when CF2018 or CF2021 support ends? And what's the difference between "core" and paid Adobe support plans? For more on these, as well as official Adobe documentation that discusses such things, read on.

[Update: CF2016 users got a "reprieve" of sorts, when Adobe released updates to CF2021 and 2018 in March 2021, and they also offered the final update to CF2016, update 17, especially because it address a security vulnerability. Sadly, some of the changes in the update--not related to the security fix--were "breaking" changes. For more on that update, see the Adobe blog post from March 2021.)

[....Continue Reading....]

How and why your sites may break, and what to do, after applying March 2020 update to CF2018 or 2016

This is a critical warning to anyone who may apply the recent CF2018 Update 8 or CF2016 Update 14, released Tuesday of this week (on Mar 20, 2020). And readers in the future should note it will apply if and as you may update CF from any update BEFORE this one to any update AFTER this one.

To be clear, I do not mean with this warning to suggest that you should NOT apply the update! It implements an important security fix.

Instead, it's that after applying it, your CF web sites served via IIS or Apache WILL likely break initially, until you take one at least and perhaps two extra steps. The good news is that these steps are both easy and documented by Adobe in the update technotes, but they do require that someone do them, if needed. Let me explain.

[Update: I did an abbreviated version of this post on the Adobe CF portal: Three reasons your sites may break, and how to fix them, after applying March 2020 update to CF2018 or 2016. Note I also titled it differently. Just trying many ways to get people's attention. That post may interest some, either to read first (but my TLDR below also tries to abbreviate things also), or especially if you may prefer to give others a link to a post on this matter that is not as "dense" as this one. :-) I do point to this post from there, of course, for the many additional details that some may appreciate.]

Sadly, because many people don't bother to read the CF update technotes (linked to below), and they just apply the CF updates, they are not noticing this issue until they or their users start screaming because their sites are down. There's also a fair bit of "screaming" in the CF community, and folks responding may not know the info that I (or Adobe) have shared, to get things "working again", so I hope this helps bring some calm, and most important the clear solution/s needed.

[....Continue Reading....]

ColdFusion 2018 update 7 released today...do you "need" it?

Adobe released update 7 for CF2018 today, and as it includes a security fix, some might think I'd say everyone should apply it.

But note first that the security aspect applies only to those running CF on Windows (and even then not ALL users of CF on Windows, as I will explain).

Then again, the update also includes a bug fix to a CF Admin, for a UI issue (related to updates, in fact), and if you need that, then you do want the fix (regardless of your OS).

So who needs it? If you need a little more guidance, I offer some clarification, as well as links from Adobe for more.

[....Continue Reading....]

When and how to upgrade CF web server connector, easier since CF2016

Did you know that when you update ColdFusion, there is often a need to also update the web server connector (for IIS and/or Apache)? In this post, I discuss how you can know when to do it (Adobe makes that easier since CF2016), as well as how to do it (also easier since CF2016), and why it's important.

[....Continue Reading....]

More Entries

Copyright ©2021 Charlie Arehart
Carehart Logo
BlogCFC was created by Raymond Camden. This blog is running version 5.005.
(Want to validate the html in this page?)

Managed Hosting Services provided by
Managed Dedicated Hosting