I am currently working with scheduled task event handlers and I was wondering if there was any documentation in regards to the

fireInstanceID

returned in the handler functions ( I could not find any ). At the moment I am using

bigint

to store it as

int

was too small, but I wanted to confirm this was safe to continue to use as I am using the event handler to keep a log of task execution, completions and errors if any.

(i was wrong, the time was "not quite yet")

The time is here, the time is now! CANCEL ALL YOUR WEEKEND PLANS! 😄 We are pleased to announce the opening of the CF Fortuna Open #Beta, now available on the Adobe Prerelease site! Features available in this release include: * GraphQL Client (native GQL support for consuming GraphQL endpoints) * Google Cloud Platform (FireStore) * Google Cloud Platform (GCPStorage) * Google Cloud Platform (PubSub) * Central Configuration Service * HTML to PDF engine upgrade * PMT Integrations for GCP (Firestore, Pub/Sub, Storage monitoring) * JSON Web Tokens * SSO CF Administrator (LDAP/SAML support) If you are interested in taking part, please sign up for free here to download installers & documentation for Windows, Linux and Mac platforms (as well as Docker!) https://www.adobeprerelease.com/beta/48C2D737-9CB4-445E-E39C-90CB6381919A Docker files available from Docker Hub and AWS ECR. DockerHub image: adobecoldfusion/fortuna:latest AWS ECR: public.ecr.aws/adobe/fortuna:latest FOR BUGS & ISSUES, PLEASE USE THE OFFICIAL PRERELEASE FORUMS (Engineers & support staff are assigned to watch the forums, which are now separated into all of the new features, including documentation for that feature.)

I just ran the CF2021 installer again on my LINUX system to change the user. Websockets did not kick back on so I uninstalled the package and attempted to reinstall. Now I am getting an encryption error: “An error has occurred while installing the package websocket. Exception : An error occurred while trying to encrypt or decrypt your input string: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.” Anyone?

It looks like cffiddle.org is down

{
  "status": 500,
  "error": "None",
  "message": "I/O error on POST request for \"<http://cf2021.cffiddle.org:8500/cffiddle/c85fa036-5a93-423a-b748-4f0852e91d64/b0faac60-e774-4e5c-aff0-ce794e966d29/tmp_9c697291-50c9-4fad-b3ff-8dc1e0db29b8.cfm?__fiddlecall=true&__sandbox=c85fa036-5a93-423a-b748-4f0852e91d64&__appid=b0faac60-e774-4e5c-aff0-ce794e966d29>\": Connect to <http://cf2021.cffiddle.org:8500|cf2021.cffiddle.org:8500> [<http://cf2021.cffiddle.org/10.0.0.4|cf2021.cffiddle.org/10.0.0.4>] failed: Connection refused (Connection refused); nested exception is org.apache.http.conn.HttpHostConnectException: Connect to <http://cf2021.cffiddle.org:8500|cf2021.cffiddle.org:8500> [<http://cf2021.cffiddle.org/10.0.0.4|cf2021.cffiddle.org/10.0.0.4>] failed: Connection refused (Connection refused)",
  "timeStamp": 1678715421916,
  "path": null
}

ANNOUNCEMENT: CF2021 & CF2018 Security Updates https://community.adobe.com/t5/coldfusion-discussions/released-coldfusion-2021-and-2018-march-2023-security-updates/td-p/13649873

Did we ever get a better way to create Java objects than

createObject()

? I think Lucee has a more integrated syntax but I can't remember whether the tickets requesting better syntax in ACF ever happened?

@carehart can you ping this channel when you post the update to your comment on the adobe post RE the latest exploit?

Also in the latest bulletin it says you’ve added jvm flags wrt to the exploit but not a) whether we should use them or just apply the update and b) what the correct setting is.

In this release, we’ve addressed some security vulnerabilities and added the following jvm flags to that effect.

-Dcoldfusion.cfclient.enable=true/false

-Dcoldfusion.cfclient.allowNonCfc=true/false

so cool that you added them but are they required for mitigation and if so is it true or false they should be set to?

(@saghosh)

Also the UK version of the update page doesn’t have update 16 listed

@salted The other EN pages are getting localized as I write. Usually takes 24-48 hrs. Meanwhile, you can refer the EN page for a while.

Can you pls send me the url @salted I'll get it checked?

I’m giving @carehart a quick shout-out for his most recent blog post about the most recent ColdFusion updates and the additional information about what that update addresses and steps needing to be taken. Thank you, Charlie. https://www.carehart.org/blog/2023/3/17/coldfusion_march_2023_emergency_update

Has anyone else had trouble with the GUI updater (in CFIDE) failing to apply updates?

The Manual Install instructions are atrociously bad. All I had to do was to download the hotfix jar and run it as root. I don’t know what all of that other stuff about unzipping and “the repository” and editing XML files was about.

Adobe's response to this latest patch seems a bit 'muted'. It reads very much like every other recent CF update. Yet reading Charlie's post (thanks Charlie!!) it seems like a very serious situation.

Cockroaches and CF11 will be all thats left of humanity one day. Thanks for keeping it alive @carehart!

After updating Coldfusion 2021 to update 6, I'm greeted by "The administrator module is not installed." It recommends to use cfpm to "install administrator". This doesn't work and just returns null twice. The website still loads luckily. Any idea what broke or how to fix it. The install log shows 1551 Successes and 0 issues. Thanks.

Just looking for a bit of clarification on generatebcrypthash and whether it tacks on a salt itself or I should do so before hashing?

can’t seem to find info one way or another

After installing update 16 on ACF 2018 this weekend, we are greeted with "Reason: SERVER ERROR - Error occurred while generating PDF" errors all morning. The command on this line is: cfhtmltopdf (which is the only place in our code we use this. We've always gone old school with cddocument... Has anyone else seen an error like this? I did restart the "ColdFusion2018Add-onServices" but it did not help.

Just looking for a bit of clarification on generatebcrypthash and whether it tacks on a salt itself or I should do so before hashing?

Anyone Adobe seen this and have an answer or a pointer to docs for me?

After installing ACF 2018 u16 w/ JVM 11.0.18 last night, our app has blown up. It appears the arrow operators/Lambdas have been regressed. This has been reproduced locally. "varB" is a query results with four columns.

local.varA = local.get_varB.reduce( (val, row) => {
    val.append(row);
    return val;
}, [] );

returns ...$func_CF_ANONYMOUSCLOSURE_413 in the try/catch cause message. by switching the arrow operator to a function, the code starts working. The "regressed" code fix below works:

local.varA = local.get_varB.reduce( function(val, row) {
    val.append(row);
    return val;
}, [] );

I am planning on reporting this to Adobe (@sandip_halder) but wanted to see if anyone had any input on this or have hear the same?

I think you've posted the same code twice? I see no arrow function @Chris Tierney

Thanks... I'm looking.

@Mark Takata (Adobe) I'm looking through the SQS docs today and wondering if Adobe built any event gateway integrations with this as it would be a perfect fit to be able to use the

sendGatewayMessage()

BIF and register a gateway listener to respond to incoming messages with SQS as the backend. It would especially solve the issue of creating a listener, which ATM would require you to build your own CFThread plumbing with long polling enabled for a queue, but all of this could be abstracted perfectly into an event gateways listener that simply response to new messages like the existing ActiveMQ one does.