Entries Tagged as “ Security”

ColdFusion (2016 release) - Security audit report

May 22, 2016 / Rakshith Naresh

  Security | Adobe ColdFusion 2016 | Announcements

As you are probably aware, with each version of ColdFusion, security is at the top of the priority list. With the latest release of ColdFusion, it is not just the security related features. Emphasis was laid on the inherent security of the ColdFusion platform by itself. To validate this, the PSIRT (Product Security Incident Response Team) at Adobe helped arrange a third party security audit for ColdFusion. The audit did come up with a few findings. Our Product engineers did an excellent job of mitigating all the findings to the fullest. 

To validate the above claim, we now have a public facing security report, from the agency that performed the security audit, indicating that 100% of all findings have been mitigated. Here is the public facing report with all the details. You can also view the link to this security audit report under datasheets and whitepapers section of the ColdFusion product home page on the Adobe website.


ColdFusion 11 Update 6 and ColdFusion 10 Update 17 now available

August 27, 2015 / Piyush Kumar Nayak

  Security | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11

The following ColdFusion updates are now available for download. These updates address a common XXE vulnerability in BlazeDS. For details refer the security bulletin hyperlinks in the sections below.

Users who are using LCDS with ColdFusion, should refer this technote, for updating their LCDS installation.

ColdFusion 11 Update 6

This Update addresses a vulnerability mentioned in the security bulletin APSB15-21. This update is cumulative and includes fixes from previous ColdFusion 11 updates.

For details, refer this technote.

ColdFusion 10 Update 17

This Update addresses a vulnerability mentioned in the security bulletin APSB15-21. This update is cumulative and includes fixes from previous ColdFusion 10 updates. 

For details, refer this technote.


ColdFusion 11 Update 5 and ColdFusion 10 Update 16 released

April 14, 2015 / Piyush Kumar Nayak

  Security | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11 | Hotfix | Updates

The following ColdFusion updates are now available for download:

ColdFusion 11 Update 5

This Update includes approximately 115 bug fixes related to Language, Mobile Support, File Management, Document Management, Administrator, Connector and several other areas.

It also addresses a vulnerability mentioned in the security bulletin APSB 15-07 and support for Apache 2.4.10. With this update the Web Server Config tool now backs up all the connector configurations files.

For the details refer this technote.

ColdFusion 10 Update 16

ColdFusion 10 Update 16 includes approximately 35 bug fixes related to File Management, ORM, Language, Document Management and certain other areas. It also addresses a vulnerability mentioned in the security bulletin APSB15-07.

For the details refer this technote.


Can I get an update? If you're looking for ColdFusion Updaters...

December 18, 2014 / Elishia Dvorak

  Adobe ColdFusion Builder 3 | Security | Administrator | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | Adobe ColdFusion Builder | ColdFusion | ColdFusion 11 | General | Hotfix

Many of you are looking for a central location to find the full list of ColdFusion Updaters.  We try to keep these updated for the core supported versions with links to the latest released updaters.  These are a good place to look for the full list of updaters available on each version along with a download link to the .jar file. 

 

ColdFusion 11: 

http://helpx.adobe.com/coldfusion/kb/coldfusion-11-updates.html

 

ColdFusion 10:

http://helpx.adobe.com/coldfusion/kb/coldfusion-10-updates.html

 

ColdFusion 9:

http://helpx.adobe.com/coldfusion/kb/hot-fixes-coldfusion-9.html

 

 

Additional updates for ColdFusion server and Builder:

http://www.adobe.com/support/coldfusion/downloads_updates.html

 

Read More


Updates for ColdFusion 11, ColdFusion 10 and ColdFusion 9 released

October 14, 2014 / Krishna Reddy

  Security | Adobe ColdFusion | Adobe ColdFusion 10 | Adobe ColdFusion 11 | ColdFusion | ColdFusion 11

The following ColdFusion updates are now available for download:

ColdFusion 11 Update 2

This update contains fixes for vulnerabilites mentioned in the security bulletin APSB14-23.

For the details refer this technote.

ColdFusion 10 Update 14

This update includes Tomcat upgrade to 7.0.54, Tomcat connector upgrade to 1.2.40, support for JDK 8 and Apache 2.4.x, fixes for vulnerabilites mentioned in the security bulletin APSB14-23 and fixes for 63 other bugs.

For the details refer this technote.

ColdFusion 9.0.2, ColdFusion 9.0.1 and ColdFusion 9.0 security update

This update contains fixes for vulnerabilities mentioned in the security bulletin APSB14-23.

For the details refer this technote.

 


Blue Mango Theme Design By Mark Aplet

Super Powered by Mango Blog