TLDR: The new updates are 1.8.0_361 (aka 8u361), 11.0.18, 17.0.6, and 19.0.2 respectively). For more on each of them, including what changed and the security fixes they each contain (including their CVE scores regarding urgency of concerns), see the Oracle resources I list below. Oracle calls them "critical patch updates" (yep, CPU), but they are in fact scheduled quarterly updates, so that "critical" nomenclature may be a bit overstated. And as is generally the case with these Java updates, most of them have the same changes and fixes as each other, though not always.

Update: After posting this, I learned of some rather surprising implications of a new feature of the new JDK installer, as 11.0.18 or 17.0.6 and later. For more, see another post I created.

For some folks, that's all they need to hear. For others, read on for topics like:

• Finding more info on these Jan 2023 Java updates
• What about other JVM distributions besides Oracle?
• News for my CF audience (getting the Java updates from Adobe or Oracle, how to update, why you should NOT for now use Java 17 with CF, etc)
• Should you apply the update? how soon?
• Beware a change in the Oct 22 JVM update regarding Java no longer trusting jars signed with SHA-1
• Beware a change in the April 2021 JVM update, if you may be skipping over it
• Wrapping up, getting more help

[....Continue Reading....]

For now, only the Alpha has been announced, and the number of registrants allowed may be limited.

For more on that and about the prerelease (what can be gleaned/shared publicly), read on.

[....Continue Reading....]

What if you want it back? In this post, I explain what changed, why, and how to get the functionality back--albeit at your own risk. For more, read on.

[....Continue Reading....]

Read on for more details.

[....Continue Reading....]

Update Jul 2023: Before considering what I share in this post, note that if you have updated your CF to use the Java update from Jul 2023, the cause of this error may be due to a totally different issue. See my post from July 2023 on that matter.

Update Feb 2023: In mid-February 2023, Adobe did re-sign their jars and placed them on the uploads site so that either the CF Admin update download or anyone performing a manual download after that date WOULD get the newly signed jars, and the problem below then no longer happens. (They are now signed as "SHA256withRSA, 4096-bit key".) I leave the rest here still for those who would want to understand what DID happen and why the update jars that were in place then DID change (slightly) for this reason.

[....Continue Reading....]

TLDR: The new updates are 1.8.0_351, (aka 8u351), 11.0.17, 17.0.5, and 19.0.1 respectively). And as is generally the case with these Java updates, most of them have the same changes and fixes as each other (though not always).

Update: After posting this, I learned of some rather surprising implications of a new feature of the new JDK installer. For more, see a new section on this below.

Oracle calls them "critical patch updates" (yep, CPU), but they are in fact scheduled quarterly updates, so take that "critical" nomenclature for what it is. For more on each of them, including what changed and the several security fixes they each contain (including their CVE scores regarding urgency of concerns), see the Oracle resources I list below. And if you may be skipping to this from a JVM update from before Apr 2021, I share also a bit more info as well as for users of Adobe ColdFusion (including where to find the updated Java versions from Adobe, what JVM versions Adobe CF supports, and more).

For some folks, that's all they need to hear. For others, read on for topics like:

• Finding more info on these Oct 2022 Java updates
• News for my CF audience (getting the Java updates from Adobe or Oracle, how to update, why you should NOT for now use Java 17 with CF, etc)
• Should you apply the update? how soon?
• Beware a change in the Oct 22 JVM update regarding Java no longer trusting jars signed with SHA-1
• Beware a change in the April 2021 JVM update, if you may be skipping over it
• Wrapping up, getting more help

[....Continue Reading....]

If you find this post in 2023 or beyond and are looking for the CF2021 installers, please read this update before proceeding. I started to get a lot of comments once CF2023 came out. This post is from Oct 2022, about new installers offered at that time, while CF2021 was still the latest version.

To be clear, once Adobe comes out with a new version, they REMOVE the installers of the old version from the public pages of their site. Does that mean you're stuck and CANNOT get the installers, perhaps that "you paid for"? No, it does NOT mean that. You just need to know where to find them.

1) First, if you are the person who BOUGHT CF, then you should have an account at either https://account.adobe.com/products or https://licensing.adobe.com/, and you can find the installers you paid for there.

2) If instead you either DID NOT buy CF (perhaps using the free trial edition), or someone ELSE bought it (maybe you don't know who it is), or you just can't get into that account, note that there is an online repository of old (and new) installers at cfmlrepo.com, which is managed by trusted community members, including myself.

Now, back to what the original post was about...

Here's some surprising news: Adobe has released a "refreshed" installer for CF2021, which includes update 5 (which came out last week) built-in.

Read on for (much) more.

[....Continue Reading....]

[Edit] This post originally had been addressed to speakers at last week's great Adobe CF Summit. Adobe had been unable to arrange streaming or recording of the dozens of presentations. But it turns out that at the same time I was writing it, Adobe was posting that they will be asking Summit presenters to present on webinars they will arrange. As such, I withdraw here my request to host those presentations, as I certainly don't mean to lead to any confusion over things.

Still, I will leave up this post as a general offering to ANY presenters, on of course ANY CF topics. :-) Read on for more.

[....Continue Reading....]

Folks who are members of the Online ColdFusion Meetup that I run will already have gotten notification about this, but those who are not:

[....Continue Reading....]

On this post I want to point out what's new (improved or fixed), and indicate what aspects apply to users only of the FR Cloud feature, and what aspects apply to users of the on-prem version as well. (I will also briefly explain the difference between those, for folks not aware.)

I'll also point to info on how to update FR (if you may not do it often), and finally discuss what resources do exist about FR 9.

[....Continue Reading....]