On ColdFusion, XXE, and other XML Attacks
An IntroductionThis is the first of what may become a few blog posts based on my CFSummit 2022 talk.
11/9/22, 2:40 PM
Coldfusion/Lucee
Free ColdBox Training For The Rest Of 2022
CFML developers that still say "I don't know how to use ColdBox", your excuses are now officially invalid. ;) The ColdBox Master Class video training series that I produced for Ortus Solutions is FREE for the rest of the year!
From: South of Shasta: Software Development, Web Design, Training
11/4/22, 4:10 PM
Coldfusion/Lucee
Restoring the CF Admin logviewer removed in Oct 2022 CF updates, at your own risk
As of the Oct 2022 CF updates (CF2021 update 5 and CF2018 update 15), Adobe has chosen to remove the CF Admin feature to view, search, download, and delete CF logs, due to asserted (but as-yet undocumented) security concerns.
11/4/22, 4:49 AM
Coldfusion/Lucee
OpenSSL and ColdFusion / Lucee / Tomcat
I've had a several people asking me about the openssl vulnerabilities that were patched this week: CVE-2022-3602 and CVE-2022-3786 aka Spooky SSL.
From: Pete Freitag's Homepage
11/3/22, 12:53 AM
Coldfusion/Lucee
OpenSSL and ColdFusion / Lucee / Tomcat
I've had a several people asking me about the openssl vulnerabilities that were patched this week: CVE-2022-3602 and CVE-2022-3786 aka Spooky SSL.
From: Pete Freitag's Homepage
11/3/22, 12:53 AM
Coldfusion/Lucee
ColdFusion Security Training Class December 2022
Early bird registration is open for my ColdFusion Security Training deep dive class in December.
From: Pete Freitag's Homepage
11/1/22, 11:21 PM
Coldfusion/Lucee
ColdFusion Security Training Class December 2022
Early bird registration is open for my ColdFusion Security Training deep dive class in December.
From: Pete Freitag's Homepage
11/1/22, 11:21 PM
Coldfusion/Lucee
Special offer: upgrade to ColdFusion 2021 from CF2016 or earlier, saving perhaps thousands of $$
If you're running CF2016 or earlier, now's your chance (though the end of the year Feb 28, 2023) to save potentially thousands of dollars in upgrading to the latest current version, CF2021.
11/1/22, 12:05 AM
Coldfusion/Lucee
How to solve "Failed Signature verification", for downloads of ColdFusion updates--since Oct 2022
If you try to download a CF update using the ColdFusion Administrator AND you get an error, "error occurred while installing the update: Failed Signature Verification", there are both a couple of possible explanations (one of them new), both with fairly simple solutions. [More]
10/31/22, 7:22 AM
Coldfusion/Lucee
How Long Has Your ColdFusion Server Been Running?
Someone asked on the CFML slack recently how can you find out how long your ColdFusion (or Lucee) server has been running via code.
From: Pete Freitag's Homepage
10/24/22, 8:59 PM
Coldfusion/Lucee
How Long Has Your ColdFusion Server Been Running?
Someone asked on the CFML slack recently how can you find out how long your ColdFusion (or Lucee) server has been running via code.
From: Pete Freitag's Homepage
10/24/22, 8:59 PM
Coldfusion/Lucee
New updates released for Java 8, 11, 17, and 19 as of Oct 18 2022
Here's a heads-up that some will want to hear about: there are new JVM updates released today (Oct 18, 2022) for the current long-term support (LTS) releases of Oracle Java, 8, 11, and 17, as well as the new interim update 19.
10/19/22, 3:56 AM
Coldfusion/Lucee
Rerunnable data update scripts for Microsoft SQL Server
We can implement a SQL Server equivalent of MySQL/MariaDB's "INSERT IGNORE" using MERGE INTO as follows...
10/18/22, 6:00 AM
Coldfusion/Lucee
ColdFusion 2021 "refreshed" installers available (with update 5)...but only in one place for now
Here's some surprising news: Adobe has released a "refreshed" installer for CF2021, which includes update 5 (which came out last week) built-in.
10/18/22, 4:25 AM
Coldfusion/Lucee
Slides from My ColdFusion Summit Presentation on Creating Complex Serverless Workflows with CFML at the Center
This year marked the tenth anniversary of the Adobe ColdFusion Summit.
From: Brian Klaas
10/12/22, 12:39 PM
Coldfusion/Lucee
Rerunnable Data Update Scripts for MySQL/MariaDB
Using the INSERT IGNORE statement you can easily manage reference table's data using re-runnable sql scripts.
10/11/22, 6:00 AM
Coldfusion/Lucee
Presenters welcome at the online CF Meetup
This is a call to anyone who may have a CF-oriented presentation: we would welcome you presenting it on the Online ColdFusion Meetup.
10/10/22, 11:45 PM
Coldfusion/Lucee
Adobe CF Summit 2022 Recap
The Adobe CF Summit 2022 is done! I'm down in the hotel lobby waiting for my ride to the airport which means it's officially time to work on my conference recap! Honestly I can't think of any reason that this conference wasn't a huge success for everyone involved.
From: South of Shasta: Software Development, Web Design, Training
10/8/22, 12:29 AM
Coldfusion/Lucee
Adding CloudFlare Turnstile CAPTCHAs to CFML Sites
CloudFlare recently released a new CAPTCHA service called Turnstile, which aims to provide a better user experience for CAPTCHA's.
From: Pete Freitag's Homepage
10/7/22, 10:13 PM
Coldfusion/Lucee
Adding CloudFlare Turnstile CAPTCHAs to CFML Sites
CloudFlare recently released a new CAPTCHA service called Turnstile, which aims to provide a better user experience for CAPTCHA's.
From: Pete Freitag's Homepage
10/7/22, 10:13 PM
Coldfusion/Lucee