This article announces the release of updatesColdFusion 2016, ColdFusion Builder 2016, ColdFusion 11 and ColdFusion 10.
These updates address a common vulnerability mentioned in security bulletin APSB 16-22
This article announces the release of updates for ColdFusion 2016, ColdFusion Builder 2016, ColdFusion 11 and ColdFusion 10.
These updates address a common vulnerability mentioned in security bulletin APSB16-22.
ColdFusion 2016 Update 2
ColdFusion 2016 Update 2 fixes an important security issue. It also includes some other important fixes related to Language, Security Analyzer, AJAX, document management, SharePoint, CLI, API Manager and a few other areas.
For details, refer this technote.
ColdFusion Builder 2016 Update 2
ColdFusion Builder 2016 Update 2 (standalone) has been upgraded from Kepler to Mars. It includes important updates to Security Analyzer, a few bug fixes related to performance and other bug fixes. PhoneGap has been upgraded to 5.2.
For details, refer this technote.
ColdFusion 11 Update 9
ColdFusion 11 Update 9 fixes an important vulnerability mentioned in the security bulletin APSB16-22. It also includes a few other fixes.
For details, refer this technote.
ColdFusion 10 Update 20
ColdFusion 10 Update 20 fixes an important vulnerability mentioned in the security bulletin APSB16-22. It also includes a few other fixes
For details, refer this technote.
Guys
by the way my scheduled tasks have no password. I was thinking that i could go into each one and set the password to some value and maybe that would stop the error i posted above, but nope same error.
Crazy thing is the CFAdmin task runner says it succeeded. but the code is never executed.
Anyway, if anyone can think of something i can try i would really appreciate it.
Some background:
Server: windows 2012 64b, 16gb ram. CF11 64b latest download and installed HF9.
I can post the jvm if needed or post full error logs if needed.
Thanks
Hi Guys, for what every reason I never got an email notification that a reply to this post.. anyway, I punted and just did a fresh install. What a pain.. biggest issue was the backup neoxx.xml files were not readable by the new install. Not sure why but after putting them in place and restarting the service, nothing would run http 500 for everything.
SO I manually rebuilt the config..
So far so good until today when I noticed that all of my scheduled tasks are running but not firing. What I mean is that I have a task that sends an email, it is not firing but the task is running successfully. The log files produces this:
“Error”,”DefaultQuartzScheduler_Worker-1″,”07/04/16″,”07:16:57″,,”An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded. ”
44473 coldfusion.runtime.Encryptor$InvalidParamsForEncryptionException: An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded.
44474 at coldfusion.runtime.Encryptor.processCipherWork(Encryptor.java:632)
44475 at coldfusion.runtime.Encryptor.decrypt(Encryptor.java:399)
44476 at coldfusion.runtime.Encryptor.decrypt(Encryptor.java:363)
44477 at coldfusion.runtime.Encryptor.decrypt(Encryptor.java:340)
44478 at coldfusion.util.PasswordUtils.decryptWithAES_CBC_PKCS5(PasswordUtils.java:509)
44479 at coldfusion.util.PasswordUtils.decryptPassword(PasswordUtils.java:437)
44480 at coldfusion.scheduling.ScheduleTagData.getHttpTag(ScheduleTagData.java:1632)
44481 at coldfusion.scheduling.CronTask.execute(CronTask.java:91)
44482 at org.quartz.core.JobRunShell.run(JobRunShell.java:207)
Not sure whats going on now. Can anyone point me in the right direction?
You must be logged in to post a comment.