Security update for ColdFusion versions 9, 8.0.1, and 8 and a word of caution

12 May 2010 2 Comments

by ajithmanmu in cold fusion Tags: coldfusion, coldfusion8, coldfusion9

A new security update for ColdFusion versions 9, 8.0.1, and 8 is available now. Important vulnerabilities have been identified for these versions that could lead to cross-site scripting and information disclosure. So an update is highly recommended.

http://www.adobe.com/support/security/bulletins/apsb10-11.html

But after taking updates it was reported that the update killed the datasources in the CF admin. After deleting shf8010001.jar from {CF_HOME}/lib/updates/ and restarting the ColdFusion service CF is up and running again. We are still waiting for Adobe to resolve this issue.

2 Comments (+add yours?)

Sandra Clark
May 12, 2010 @ 18:11:57

The updater worked fine here. All datasources are verifying normally.

Reply
- ajithmanmu
  May 12, 2010 @ 18:20:58
  
  @sandra the CF Administrator verifies them correctly but the code throws errors now.
  
  Reply

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Cancel

Connecting to %s

	cubed on Windows authentication for col…
	ajithmanmu on Reading Schedule task details …
	BYJ on Reading Schedule task details …
	ajithmanmu on Command Line API in Fireb…
	sooraj on Command Line API in Fireb…

Ajithmanmu on Coldfusion,Web X.0