Raymond Camden's Picture

About Raymond Camden

Raymond is a senior developer evangelist for Adobe. He focuses on document services, JavaScript, and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA https://www.raymondcamden.com

Archived Comments

Comment 1 by Rick posted on 3/13/2012 at 11:36 PM

If only there were an easy way to ensure that all current updates (security and otherwise) are installed on a CF server......or is there? (Got any secrets you want to share? I only have under a dozen CF servers of various versions....so could use the help.)

Comment 2 by Raymond Camden posted on 3/14/2012 at 12:09 AM

For security, you should make use of Foundeo's HackMyCF service. It sounds scary, but it's an incredible service that will scan your machines and report issues to you. It's free, with a paid version. I cannot recommend it enough.

As for everything else, unfortunately there isn't a real nice way to do this. ColdFusion 10 makes it easier since you can go to your CF Admin and check there though.

Comment 3 by Michael Williams posted on 3/14/2012 at 6:15 AM

Wow. 14 steps to manually apply a security update. This is sad. I have a lot of servers. Adobe should do better than this.

Comment 4 by Raymond Camden posted on 3/14/2012 at 6:22 AM

As I said above, ColdFusion 10 makes it easier. You can install hotfixes via the admin.

Comment 5 by Michael Williams posted on 3/14/2012 at 7:12 AM

In a multi-server install would it be safe to patch the 1st instance: cfusion then build and ear from that instance and deploy new servers based on it using the Instance Manager? I suppose a .car could also work but I'm having trouble getting a .car created and deployed on my test server.

Comment 6 by Raymond Camden posted on 3/14/2012 at 7:15 AM

Hate to say it - but no idea. I never use multiserver.

Comment 7 by Michael Williams posted on 3/14/2012 at 7:22 AM

I got the Packaging & Deployment > J2EE Archives to make an ear of my /cfusion patched instance and then deployed it as a new instance /cfusion4 with all the settings and files from the /cfusion instance. It seems to be working. No errors thrown. This might be a good way to patch this monster on CF8 Enterprise if all your server instances share the same or near the same settings. Trying to find the support forums for CF on the adobe site to see if anyone else has tried this approach. I dont' think I've needed the support forums since the Macromedia days...

Comment 8 by Chris Bowyer posted on 3/15/2012 at 12:00 AM

Duh!

Instructions state...

Customers who have applied the previous Security Hotfix APSB11-14 (included in ColdFusion 9.0.1 Cumulative Hotfix 2), see Section1. If you have not applied the previous Security Hotfix APSB11-14, see Section 2.

As there is no reference in ColdFusion Administrator to hotfix numbers. Would ColdFusion version: 9,0,1,274733 mean Security Hotfix APSB11-14 has been applied?

Comment 9 by Dan O&aposKeefe posted on 3/16/2012 at 2:23 AM

@Chris, I tend to doubt it.

I am in the same boat and that is how I ended up here. Ray is right about the hackmysite.com service. You need the paid version to get the HF status. Other than that, I think going back to CHF1 and looking at the changes required, download the update and compare file dates/times to the files on your server is the best way to go. Then do the same for CHF2.

CHF1 08/31/2010 cpsid_86263
CHF2 09/15/2011 cpsid_91836
APSB11-29 12/13/2011
APSB12-06 03/13/2012

I believe that is the way it lays out.
Dan

Comment 10 by Eric Belair posted on 3/26/2012 at 9:52 PM

Running ColdFusion Version 8,0,1,195765. No idea what Cumulative Updates or Hotfixes are already applied. How should I proceed?

Comment 11 by Raymond Camden posted on 3/26/2012 at 10:06 PM

It should be visible if you hit the I in the upper right hand corner of the CF Admin. (The system info link.) There should be an update level.