EPISODE · Nov 21, 2023 · 33 MIN
Modernize or Die® - CFML News Podcast for November 21st, 2023 - Episode 207
from Modernize or Die ® Podcast · host Ortus Solutions
2023-11-21 Weekly News — Episode 207Watch the video version on YouTube at https://youtube.com/live/1aeDZ7q5Y2E?feature=share Hosts: Eric Peterson - Senior Developer at Ortus SolutionsDaniel Garcia - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:Buy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/Like and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (flabbergasting)We have 42 patreons: https://www.patreon.com/ortussolutions. News and AnnouncementsNCC Group - Technical Advisory: Adobe ColdFusion WDDX Deserialization GadgetsAdobe ColdFusion allows software developers to rapidly build web applications. Recently, a critical vulnerability was identified in the handling of Web Distributed Data eXchange (WDDX) requests to ColdFusion Markup (CFM) endpoints. Multiple patches were released by Adobe to resolve the vulnerability, and each has been given its own CVE and Adobe security update.https://research.nccgroup.com/2023/11/21/technical-advisory-adobe-coldfusion-wddx-deserialization-gadgets/ Ortus End of the Year Sale is Finally Here!The much-anticipated Ortus End-of-the-Year Sale has arrived, and it's time to elevate your development experience! Whether you're a seasoned developer, a tech enthusiast, or someone on the lookout for top-notch projects, Ortus has something special in store for you. Brace yourself for incredible discounts across a wide array of products and services, including Ortus annual events, books, cutting-edge services, and more.https://www.ortussolutions.com/blog/ortus-deals-are-finally-here New Releases and UpdatesAdobe November Updates - Security FixesAdobe for ColdFusion 2023 (update 6) and 2021 (update 12)Previous versions no longer receive security updates!!!CommandBox has already been updatedSecurity updates available for Adobe ColdFusion | APSB23-52 - https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html https://community.adobe.com/t5/coldfusion-discussions/now-live-adobe-coldfusion-2023-and-2021-november-security-updates/m-p/14233917#M196421 Note: Reported WDDX related issues by some customersMore details from Charlie Arehart: https://www.carehart.org/blog/2023/11/14/cf_security_updates_nov_2023#more ICYMI - 10/23/2023- Added Java installers for Java 17.0.9, Java 11.0.21 & JDK/JRE 8u39110/10/2023- Refreshed the Server ZIP and GUI installers, Lockdown installer, and Add-on installer for ColdFusion (2023 release).https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html#download0Avoid issues with Update thanks for Brian for this post: https://www.hoyahaxa.com/2023/10/coldfusion-connectors-and-cfadmin.html The new connectors in ColdFusion 2023 Update 5 and ColdFusion 2021 Update 11 perform the following actions:normalize the request URIblock any requests with .. in the URI path (which could be attempts to exploit directory traversal vulnerabilities)block any requests in which the normalized URI path starts with a case-insensitive /CFIDE ColdBox 7.2.0 ReleasedWelcome to ColdBox 7.2.0, which packs a big punch on stability and tons of new features.Includes lots of updates for all the core products: ColdBox, WireBox, CacheBox, and LogBox.ColdBox, 10 new features, 6 improvements and 4 bug fixesLogBox has 3 new features, 4 improvements, 2 bug fixes and a taskWith WireBox including a new feature and CacheBox has an Improvement.https://coldbox.ortusbooks.com/readme/release-history/whats-new-with-7.2.0 Webinar / Meetups and WorkshopsICYMI - MMCFUG - How to containerize CFML apps for the cloud with Nick Kwiatkowski from Michigan StateNovember 13th, 2023Nick Kwiatkowski from MSU Telecom is going to show us how to containerize CFML apps for the cloud at the next meeting of the Mid-Michigan tonight at 7 pm eastern time. Docker, Tanzu, Kubernetes and more.https://youtu.be/fYQ-BBKir7Q Hawaii ColdFusion Meetup Group - InertiaJS and ColdFusion with Eric PetersonNovember 24thInertiaJS is a new JavaScript framework made for people who don’t really need an API but want to use a modern JavaScript framework like React or Vue as their view layer. Inspired by libraries like Turbolinks, InteriaJS makes your app behave like a SPA while still being a fully sever-rendered app.https://www.meetup.com/hawaii-coldfusion-meetup-group/events/294771761/ ColdFusion Security TrainingWriting Secure CFML with Pete FreitagA hands-on CFML / ColdFusion Security Training class for developers. Learn how to identify and fix security vulnerabilities in your ColdFusion / CFML applications.Where: OnlineWhen: Tuesday December 12, 2023 @ 11am-2pmEST & Wednesday December 13 @ 11am-2pmPrice: $899 per studenthttps://foundeo.com/consulting/coldfusion/security-training/ The class will be recorded, so if you cannot attend it fully online you will have access to a recording....
What this episode covers
2023-11-21 Weekly News — Episode 207Watch the video version on YouTube at https://youtube.com/live/1aeDZ7q5Y2E?feature=share Hosts: Eric Peterson - Senior Developer at Ortus SolutionsDaniel Garcia - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:Buy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/Like and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (flabbergasting)We have 42 patreons: https://www.patreon.com/ortussolutions. News and AnnouncementsNCC Group - Technical Advisory: Adobe ColdFusion WDDX Deserialization GadgetsAdobe ColdFusion allows software developers to rapidly build web applications. Recently, a critical vulnerability was identified in the handling of Web Distributed Data eXchange (WDDX) requests to ColdFusion Markup (CFM) endpoints. Multiple patches were released by Adobe to resolve the vulnerability, and each has been given its own CVE and Adobe security update.https://research.nccgroup.com/2023/11/21/technical-advisory-adobe-coldfusion-wddx-deserialization-gadgets/ Ortus End of the Year Sale is Finally Here!The much-anticipated Ortus End-of-the-Year Sale has arrived, and it's time to elevate your development experience! Whether you're a seasoned developer, a tech enthusiast, or someone on the lookout for top-notch projects, Ortus has something special in store for you. Brace yourself for incredible discounts across a wide array of products and services, including Ortus annual events, books, cutting-edge services, and more.https://www.ortussolutions.com/blog/ortus-deals-are-finally-here New Releases and UpdatesAdobe November Updates - Security FixesAdobe for ColdFusion 2023 (update 6) and 2021 (update 12)Previous versions no longer receive security updates!!!CommandBox has already been updatedSecurity updates available for Adobe ColdFusion | APSB23-52 - https://helpx.adobe.com/security/products/coldfusion/apsb23-52.html https://community.adobe.com/t5/coldfusion-discussions/now-live-adobe-coldfusion-2023-and-2021-november-security-updates/m-p/14233917#M196421 Note: Reported WDDX related issues by some customersMore details from Charlie Arehart: https://www.carehart.org/blog/2023/11/14/cf_security_updates_nov_2023#more ICYMI - 10/23/2023- Added Java installers for Java 17.0.9, Java 11.0.21 & JDK/JRE 8u39110/10/2023- Refreshed the Server ZIP and GUI installers, Lockdown installer, and Add-on installer for ColdFusion (2023 release).https://helpx.adobe.com/coldfusion/kb/coldfusion-downloads.html#download0Avoid issues with Update thanks for Brian for this post: https://www.hoyahaxa.com/2023/10/coldfusion-connectors-and-cfadmin.html The new connectors in ColdFusion 2023 Update 5 and ColdFusion 2021 Update 11 perform the following actions:normalize the request URIblock any requests with .. in the URI path (which could be attempts to exploit directory traversal vulnerabilities)block any requests in which the normalized URI path starts with a case-insensitive /CFIDE ColdBox 7.2.0 ReleasedWelcome to ColdBox 7.2.0, which packs a big punch on stability and tons of new features.Includes lots of updates for all the core products: ColdBox, WireBox, CacheBox, and LogBox.ColdBox, 10 new features, 6 improvements and 4 bug fixesLogBox has 3 new features, 4 improvements, 2 bug fixes and a taskWith WireBox including a new feature and CacheBox has an Improvement.https://coldbox.ortusbooks.com/readme/release-history/whats-new-with-7.2.0 Webinar / Meetups and WorkshopsICYMI - MMCFUG - How to containerize CFML apps for the cloud with Nick Kwiatkowski from Michigan StateNovember 13th, 2023Nick Kwiatkowski from MSU Telecom is going to show us how to containerize CFML apps for the cloud at the next meeting of the Mid-Michigan tonight at 7 pm eastern time. Docker, Tanzu, Kubernetes and more.https://youtu.be/fYQ-BBKir7Q Hawaii ColdFusion Meetup Group - InertiaJS and ColdFusion with Eric PetersonNovember 24thInertiaJS is a new JavaScript framework made for people who don’t really need an API but want to use a modern JavaScript framework like React or Vue as their view layer. Inspired by libraries like Turbolinks, InteriaJS makes your app behave like a SPA while still being a fully sever-rendered app.https://www.meetup.com/hawaii-coldfusion-meetup-group/events/294771761/ ColdFusion Security TrainingWriting Secure CFML with Pete FreitagA hands-on CFML / ColdFusion Security Training class for developers. Learn how to identify and fix security vulnerabilities in your ColdFusion / CFML applications.Where: OnlineWhen: Tuesday December 12, 2023 @ 11am-2pmEST & Wednesday December 13 @ 11am-2pmPrice: $899 per studenthttps://foundeo.com/consulting/coldfusion/security-training/ The class will be recorded, so if you cannot attend it fully online you will have access to a recording....
NOW PLAYING
Modernize or Die® - CFML News Podcast for November 21st, 2023 - Episode 207
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m