ColdFusion 11 Update 13
The update is cumulative and contains all previous updates applied to ColdFusion 11.
This security update requires ColdFusion to be on JDK 7u131 or higher.
Adobe recommends that you must manually update your ColdFusion JDK/JRE to the latest version.
In case you do not update the JDK/JRE, simply applying the update would NOT secure the server.
For Application Servers
Additionally, on J2EE installations, set the following JVM flag, "-Djdk.serialFilter=!org.mozilla.** ", in the respective startup file depending on the type of Application Server being used.
For examples ,
ColdFusion 11 Update 13 (release date September 12, 2017) includes the following changes:
This update is cumulative and includes fixes from all the previous ColdFusion 11 updates.
To see a list of all previous ColdFusion 11 updates, refer to the update page.
For the detailed list of bugs fixed in this update, refer to the list of bugs fixed.
Windows: <cf_root>/jre/bin/java.exe -jar <jar-file-dir>/hotfix_013.jar
Linux-based platforms: <cf_root>/jre/bin/java -jar <jar-file-dir>/hotfix_013.jar
Ensure that the JRE bundled with CF is used for executing the downloaded JAR. For standalone CF, this must be at, <cf_root>/jre/bin.
For further details on how to manually update the application, see the help article.
After applying this update, the ColdFusion build number should be 11,0,13,303668.
After installation, point the JDK to JDK 7u131 or JDK 8u121 or higher.
To uninstall the update, do one of the following:
If you can't uninstall the update using the above-mentioned uninstall options, the uninstaller could be corrupted. However, you can manually uninstall the update by doing the following: