38 min.
Modernize or Die® - CFML News Podcast for April 2nd, 2024 - Episode 213 Modernize or Die ® Podcast - CFML News Edition
-
- Stap voor stap
2024-04-02 Weekly News — Episode 213Watch the video version on YouTube at https://youtube.com/live/Vg81ar7GfW4?feature=share Hosts:
Eric Peterson - Senior Developer at Ortus SolutionsGrant Copley - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:
Buy workshop tickets to CF Summit East Event Date: April 24, 2024Hosted By: Adobe & CarahsoftLocation: Reston, VABuy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/MAY 15th - 17th,2024 - Washington, DCLike and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (phenomenal)
We have 46 patreons: https://www.patreon.com/ortussolutions.
News and AnnouncementsCVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published
Security researcher ma4ter has revealed details of a dangerous security vulnerability (CVE-2024-20767) in Adobe ColdFusion, also, another researcher published the proof-of-concept (PoC) exploit code. This flaw originally reported to Adobe, could be exploited to read arbitrary files on an affected server, potentially exposing highly confidential information. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction.
Patch released on March 12, 2024.Only vulnerable if you had the Performance Monitoring Toolset enabled and accessible via /pms.https://securityonline.info/cve-2024-20767-critical-adobe-coldfusion-flaw-exposes-sensitive-files-poc-published/https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
New Releases and UpdatesNew Adobe Releases
Key enhancements include:
Scope Variable Changes: Enhanced functionality for optimized performance.CFDocument Updates: Upgrades for smoother document handling.Major Library Upgrades: Keeping your application’s backbone strong and secure.CKEditor Changes: Enhanced editing features for a better user experience.Versions:- 2021.0.13+330286- 2023.0.07+330663
https://www.fusion-reactor.com/blog/adobe-coldfusion-important-upgrades-and-cf-summit-east-2024/
https://twitter.com/bdw429s/status/1772726892296130810
Quick 7.4 – 8New hasManyDeep relationship and revamped hasManyThrough.Better performance, correct constraints, and increased readability.
https://quick.ortusbooks.com/whats-newqb 9.8New withAlias function that will automatically rename fully qualified columns with the old name or alias.https://qb.ortusbooks.com/whats-new
Megaphone 1.0.1Uses the default cbMailServices email provider and logs success and failure by default.https://megaphone.ortusbooks.com/whats-new
CFCasts Content Updateshttps://www.cfcasts.com
Recent Releases
Getting Started with Cloud Migrations by Daniel Garciahttps://cfcasts.com/series/ortus-bytes/videos/cloud-migrations-getting-startedWindows Terminal Enhancements using Oh My Posh by Jaime Ramirezhttps://cfcasts.com/series/ortus-bytes/videos/1-windows-terminal-enhancements-using-oh-my-poshConferences and TrainingCF Summit EastWednesday, April 24, 2
2024-04-02 Weekly News — Episode 213Watch the video version on YouTube at https://youtube.com/live/Vg81ar7GfW4?feature=share Hosts:
Eric Peterson - Senior Developer at Ortus SolutionsGrant Copley - Senior Developer at Ortus SolutionsThanks to our Sponsor - Ortus SolutionsThe makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. A few ways to say thanks back to Ortus Solutions:
Buy workshop tickets to CF Summit East Event Date: April 24, 2024Hosted By: Adobe & CarahsoftLocation: Reston, VABuy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/MAY 15th - 17th,2024 - Washington, DCLike and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes Patreon Support (phenomenal)
We have 46 patreons: https://www.patreon.com/ortussolutions.
News and AnnouncementsCVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published
Security researcher ma4ter has revealed details of a dangerous security vulnerability (CVE-2024-20767) in Adobe ColdFusion, also, another researcher published the proof-of-concept (PoC) exploit code. This flaw originally reported to Adobe, could be exploited to read arbitrary files on an affected server, potentially exposing highly confidential information. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction.
Patch released on March 12, 2024.Only vulnerable if you had the Performance Monitoring Toolset enabled and accessible via /pms.https://securityonline.info/cve-2024-20767-critical-adobe-coldfusion-flaw-exposes-sensitive-files-poc-published/https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html
New Releases and UpdatesNew Adobe Releases
Key enhancements include:
Scope Variable Changes: Enhanced functionality for optimized performance.CFDocument Updates: Upgrades for smoother document handling.Major Library Upgrades: Keeping your application’s backbone strong and secure.CKEditor Changes: Enhanced editing features for a better user experience.Versions:- 2021.0.13+330286- 2023.0.07+330663
https://www.fusion-reactor.com/blog/adobe-coldfusion-important-upgrades-and-cf-summit-east-2024/
https://twitter.com/bdw429s/status/1772726892296130810
Quick 7.4 – 8New hasManyDeep relationship and revamped hasManyThrough.Better performance, correct constraints, and increased readability.
https://quick.ortusbooks.com/whats-newqb 9.8New withAlias function that will automatically rename fully qualified columns with the old name or alias.https://qb.ortusbooks.com/whats-new
Megaphone 1.0.1Uses the default cbMailServices email provider and logs success and failure by default.https://megaphone.ortusbooks.com/whats-new
CFCasts Content Updateshttps://www.cfcasts.com
Recent Releases
Getting Started with Cloud Migrations by Daniel Garciahttps://cfcasts.com/series/ortus-bytes/videos/cloud-migrations-getting-startedWindows Terminal Enhancements using Oh My Posh by Jaime Ramirezhttps://cfcasts.com/series/ortus-bytes/videos/1-windows-terminal-enhancements-using-oh-my-poshConferences and TrainingCF Summit EastWednesday, April 24, 2
38 min.