-
Close Search
Document update history: – 10/10/2023: Added Docker Hub and ECR locations. – 10/10/2023: Refreshed the Server ZIP and GUI installers, Lockdown installer, and Add-on installer for ColdFusion (2023 release). Head over to ColdFusion downloads to download the installers. We are pleased to announce the availability of ColdFusion (2023 release) Update 5 and ColdFusion (2021 release) Update 11 today! Where do I download the updates from ColdFusion (2023 updates) ColdFusion (2021 updates) What’s new and changed in the updates Both the […]
We are pleased to announce the availability of ColdFusion (2023 release) Update 4 and ColdFusion (2021 release) Update 10. These updates introduce the ColdFusion serial filter that can be used to allow or disallow Java classes or packages for the deserialization of Wddx packets. What is the ColdFusion serial filter? The cfserialfilter.txt file ensures protection against insecure Wddx deserialization attacks. On the other hand, the already existing serialfilter.txt blocks Java deserialization by disallowing certain Java classes or packages. How do […]
We are pleased to announce that we have released the updates for the following ColdFusion versions: ColdFusion (2023 release) Update 3 ColdFusion (2021 release) Update 9 ColdFusion (2018 release) Update 19 In these updates, we’ve fixed a few critical security bugs mentioned in the security bulletin, APSB23-47. For more information, see the tech notes below: ColdFusion (2023 release) Update 3 ColdFusion (2021 release) Update 9 ColdFusion (2018 release) Update 19 Please update your ColdFusion versions and provide us with your […]
We are pleased to announce that we have released the updates for the following ColdFusion versions: ColdFusion (2023 release) Update 2 ColdFusion (2021 release) Update 8 ColdFusion (2018 release) Update 18 In these updates, we’ve fixed a few security bugs mentioned in the security bulletin, APSB23-41. For more information, see the tech notes below: ColdFusion (2023 release) Update 2 ColdFusion (2021 release) Update 8 ColdFusion (2018 release) Update 18 Please update your ColdFusion versions and provide us with your valuable feedback.
We are pleased to announce that we have released the updates for the following ColdFusion versions: ColdFusion (2021 release) Update 6 ColdFusion (2018 release) Update 16 In this release, we’ve addressed some security vulnerabilities and added the following jvm flags to that effect. -Dcoldfusion.cfclient.enable=true/false -Dcoldfusion.cfclient.allowNonCfc=true/false For more information, see the tech notes below: ColdFusion (2021 release) Update 6 ColdFusion (2018 release) Update 16 These updates fix security vulnerabilities that are mentioned in the security bulletin, APSB23-25. The Docker images will be […]
While installing CF2021 on MacOS Big Sur 11.5.1, users are getting this error message – “libjvm.dylib” cannot be opened because the developer cannot be verified. Even after Allowing this from Security, it does not let users install it. Here are a few simple steps to install it. Eject the current installer. Launch the terminal and type this command xattr -rc <ColdFusion2021_xxxx.dmg file location>. Once you run this command, Run the installer and see if that works. In case, you will still […]
(Originally written in Jul 2019. Updated Jan 2021.) Here’s a guide to show you how to configure JNDI datasource in ColdFusion (versions 10 and above). 1. Get the JDBC Driver The JDBC Driver for your particular database must be placed in <coldfusion>/cfusion/lib folder. 2. context.xml configuration Find the context.xml file in the <coldfusion>/cfusion/runtime/conf folder. Save a copy, then edit the file, adding a resource block before the closing tag </Context>, defining the database connection detail: <Resource name=”jdbc/test” auth=”Container” type=”javax.sql.DataSource” maxActive=”50″ […]
Oracle has introduced a new security feature, Oracle Advanced security, for Oracle databases. This feature provides better data encryption other advanced security features to secure user data. For more details on OAS, please refer: http://www.oracle.com/technetwork/database/options/advanced-security/overview/index.html After enabling this feature with an Oracle database, a user can create the connection using the connection string provided by Oracle with the help of Oracle JBDC drivers. However, when creating the secure connection using ColdFusion, there is an error when using the basic connection […]
Today, APIs are widely used and are very popular in the developer community. APIs make work easier, as developers can perform difficult task programmatically and automate repeatable routines.
In ColdFusion, there are Admin APIs available through which developers can add, modify, and delete Admin task programmatically. This is helpful for developers who do not have access to ColdFusion Administrator, for example, component event gateway, data sources, mail, and so on.
