Modernize or Die® - CFML News Podcast for April 2nd, 2024 - Episode 213

2024-04-02 Weekly News — Episode 213

Watch the video version on YouTube at https://youtube.com/live/Vg81ar7GfW4?feature=share
 
Hosts: 

Eric Peterson - Senior Developer at Ortus SolutionsGrant Copley - Senior Developer at Ortus Solutions

Thanks to our Sponsor - Ortus Solutions

The makers of ColdBox, CommandBox, ForgeBox, TestBox and all your favorite box-es out there. 
A few ways to say thanks back to Ortus Solutions:

Buy workshop tickets to CF Summit East Event Date: April 24, 2024Hosted By: Adobe & CarahsoftLocation: Reston, VABuy Tickets to Into the Box 2024 in Washington DC https://www.intothebox.org/MAY 15th - 17th,2024 - Washington, DCLike and subscribe to our videos on YouTube. Help ORTUS reach for the Stars - Star and Fork our ReposStar all of your Github Box Dependencies from CommandBox with https://www.forgebox.io/view/commandbox-github Subscribe to our Podcast on your Podcast Apps and leave us a review AND WE WILL READ IT ON THE SHOWSign up for a free or paid account on CFCasts, which is releasing new content regularlyBOXLife store: https://www.ortussolutions.com/about-us/shopBuy Ortus’s Books102 ColdBox HMVC Quick Tips and Tricks on GumRoad (http://gum.co/coldbox-tips)Now on Amazon! In hardcover too!!!https://www.amazon.com/dp/B0CJHB712MLearn Modern ColdFusion (CFML) in 100+ Minutes - Free online https://modern-cfml.ortusbooks.com/ or buy an EBook or Paper copy https://www.ortussolutions.com/learn/books/coldfusion-in-100-minutes 

Patreon Support (phenomenal)

We have 46 patreons:
https://www.patreon.com/ortussolutions.

News and Announcements

CVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published

Security researcher ma4ter has revealed details of a dangerous security vulnerability (CVE-2024-20767) in Adobe ColdFusion, also, another researcher published the proof-of-concept (PoC) exploit code. This flaw originally reported to Adobe, could be exploited to read arbitrary files on an affected server, potentially exposing highly confidential information. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction.

Patch released on March 12, 2024.Only vulnerable if you had the Performance Monitoring Toolset enabled and accessible via /pms.

https://securityonline.info/cve-2024-20767-critical-adobe-coldfusion-flaw-exposes-sensitive-files-poc-published/
https://helpx.adobe.com/security/products/coldfusion/apsb24-14.html

New Releases and Updates

New Adobe Releases

Key enhancements include:

Scope Variable Changes: Enhanced functionality for optimized performance.CFDocument Updates: Upgrades for smoother document handling.Major Library Upgrades: Keeping your application’s backbone strong and secure.CKEditor Changes: Enhanced editing features for a better user experience.

Versions:
- 2021.0.13+330286
- 2023.0.07+330663

https://www.fusion-reactor.com/blog/adobe-coldfusion-important-upgrades-and-cf-summit-east-2024/

https://twitter.com/bdw429s/status/1772726892296130810

Quick 7.4 – 8
New hasManyDeep relationship and revamped hasManyThrough.
Better performance, correct constraints, and increased readability.

https://quick.ortusbooks.com/whats-new

qb 9.8
New withAlias function that will automatically rename fully qualified columns with the old name or alias.
https://qb.ortusbooks.com/whats-new

Megaphone 1.0.1
Uses the default cbMailServices email provider and logs success and failure by default.
https://megaphone.ortusbooks.com/whats-new

CFCasts Content Updates

https://www.cfcasts.com

Recent Releases

Getting Started with Cloud Migrations by Daniel Garciahttps://cfcasts.com/series/ortus-bytes/videos/cloud-migrations-getting-startedWindows Terminal Enhancements using Oh My Posh by Jaime Ramirezhttps://cfcasts.com/series/ortus-bytes/videos/1-windows-terminal-enhancements-using-oh-my-posh

Conferences and Training

CF Summit East
Wednesday, April 24, 2024
8:00am - 4:00pm
Carahsoft Conference & Collaboration Center
11493 Sunset Hills Road,
Reston, VA 20190
Registration: https://carahevents.carahsoft.com/Event/Details/429564-adobe

ACP Training prior to CF Summit East
https://www.carahsoft.com/learn/event/50992-acp-adobe-coldfusion-at-adobe-cf-summit-east

ColdBox 7 Workshop at Adobe CF Summit East 2024
A Deep Dive into ColdBox 7.2
Date: April 25th - 26th, 2024 | After Adobe CFSummit East
Speakers: Luis Majano, creator of ColdBox
Elevate Your CFML Development Skills!
Master ColdBox 7.2 from the Ground Up in Our Workshop Following CFSummit East 2024
Calling all CFML developers and enthusiasts! We are thrilled to announce an upcoming event that promises to elevate your skills and empower you with ColdBox's latest updates and features. This two-day workshop is led by the creator of ColdBox, Luis Majano. You'll dive into ColdBox 7.2, exploring new features, updates, and fixes to build modern, high-quality projects.
Whether you're a beginner looking to jumpstart your journey into the MVC ecosystem or an experienced developer seeking to refine your ColdBox skills, this workshop is designed to meet your needs. Get ready for an immersive experience that keeps you at the forefront of ColdBox development!
Tickets are limited, get yours now and save with early bird pricing
https://www.ortussolutions.com/blog/a-deep-dive-into-coldbox-72

ITB 2024

Location: Optica in Washingto...