ColdFusion (2016 release) Update 17
Core support for ColdFusion (2016 release) ended on Feb 16, 2021. There shall be no more updates or bug fixes to ColdFusion (2016 release). For more information and dates, see the EOL matrix for ColdFusion.
If you are applying Update 17 without applying Update 14, follow the Post Installation steps mentioned for Update 14.
Note: If you are already on Update 14, you can install Update 17 without any intermediate procedure.
If you are updating via ColdFusion Administrator:
The minimum update versions are Update 11 and higher for ColdFusion (2016 release), due to a recent change in code signing certificate.
The updates below are cumulative and contains all updates from previous ones. If you are skipping updates, you can apply the latest update, not those you are skipping. Further, you must take note of any changes that are implemented in each of the updates you are skipping.
To install previous updates, see ColdFusion (2016 release) Updates.
Updates in this release
ColdFusion (2016 release) Update 17 (release date, 22 March, 2021) includes fixes for the the security vulnerabilities that were reported in APSB21-16, and few other fixes.
Bugs fixed
| Bug ID | Description | Component |
|---|---|---|
| CF-4205372 | When running code analyzer, it will come back with an incorrect error for <cfcollection> when the "path" attribute is absent". |
Administrator : Code Analyzer |
| CF-4206044 | The Richtext editor does not display on Chrome. |
AJAX : UI Components |
| CF-4205358 | ColdFusion 2016 update 12 is unable to read jpg image. |
CFIMAGE |
| CF-4205355 | cfimage can no longer read mismatched file extension/mimetype after installing Update 12. |
CFIMAGE |
| CF-4204356 | After applying CF 2018 update 2 and above, a url does not work as expected on client-side CFChart (format="html"). |
Charting/Graphing : Client |
| CF-4209142 | There is a bug in CFChart type=JPG url attribute. | Charting/Graphing : Server |
| CF-4205181 | The Server side charting does not work as expected on a few OS. | Charting/Graphing : Server |
| CF-4207294 | Referencing an undefined struct value in a <cfif> statement causes a crash in unreachable code in some cases. |
Core Runtime |
| CF-4198194 | Invalid cfsqltypes are ignored. | Database : CFQuery |
| CF-4210952 | Oracle/MSSQL Driver affected by Proxy Settings in JVM Arguments. | Database : Oracle |
| CF-4206454 | An error occurs when using 'word-break: break-all;' used inside <cfdocument> tag. | Document Management : PDF generation |
| CF-4198342 | cfdocument stops working intermittently in some cases. | Document Management : PDF generation |
| CF-4209480 | After updating Java JRE/JDK to 1.8.0_261, there is an issue with CFPDF's ability to generate PDF files using the processddx option. |
Document Management : PDF manipulation |
| CF-4211081 | The maximum permissible size for uncompressed contents varies. | File Management : CFZip |
| CF-4207423 | A file with colon in name breaks DirectoryList() and DirectoryDelete(). | File Management : VFS-RAM |
| CF-4204857 | The June 2019 updates of CF 2018, 2016, and 11 blocks upload of files with no extension. |
General Server |
| CF-4205224 | While running cfinfo.bat/cfinfo.sh, a warning appears. |
Installation/Config : Scripts |
| CF-4208310 | The Elvis Operator is not thread safe and returns unexpected results. | Language |
| CF-4208572 | Validation for a variable in the underlying Coldfusion engine is occurring for a variable in an unreached branch BEFORE determining if that branch is reachable if the variable exists inside of an inline struct that's inside of a function call that's inside of a CFIF statement (that also has a CFELSE statement) that's surrounded by CFOUTPUT tags. |
Language |
| CF-4204882 | An argument is not treated as a struct by Query functions. | Language |
| CF-4204992 | When using safe navigation on an object that has keys which are considered "reserved keywords", ColdFusion will throw an error. |
Language |
| CF-4206403 | Certain CFML syntax causes unexpected behavior. | Language : Application Framework |
| CF-4206329 | After installing Update 13, the component initialization does not work as expected. | Language : CF Component |
| CF-4197194 | There is a scoping issue in a nested arrayEach function. | Language : Closures |
| CF-4204632 | There are issues with cookie expiration dates. | Language : Cookie |
| CF-4210721 | Executing isValid( "email", emailAddress ) returns true for two patterns, which are not valid email addresses. |
Language : Functions |
| CF-4205457 | Issues with REST service after updating the last update. | REST Services |
| CF-4202597 | Per-app mappings don't exist in REST CFCs. | REST Services |
Prerequisites
- On 64-bit computer, use 32-bit JRE for 32-bit ColdFusion and 64-bit JRE for 64-bit ColdFusion.
- If the ColdFusion server is behind a proxy, specify the proxy settings for the server to get the update notification and download the updates. Specify proxy settings using the system properties below in the jvm.config for a stand-alone installation, or corresponding script file for JEE installation.
- http.proxyHost
- http.proxyPort
- http.proxyUser
- http.proxyPassword
- For ColdFusion running on JEE application servers, stop all application server instances before installing the update.
Installation
For instructions on how to install this update, see Server Update section. For any questions related to updates, see this FAQ.
- The update can be installed from the Administrator of a ColdFusion instance or through the command-line option.
- Windows users can launch the ColdFusion Administrator using Start > All Programs > Adobe > Coldfusion 2016 > Administrator.
- Microsoft Windows 7, Windows 8, Windows 10, Windows Server 2008, and Windows Server 2012 users must use the “Run as Administrator” option to launch wsconfig tool at {cf_install_home}/{instance_name}/runtime/bin.
- If you get the following error when installing the update using the Download and Install option, ensure that the folder {cf_install_home}/{instance_name}/hf_updates has write permission: "An error occurred when performing a file operation write on file {cf_install_home}/{instance_name}/hf-updates/hotfix_017.properties".
- The connector configuration files are backed up at {cf_install_home}/config/ wsconfig /backup. Add back any custom changes made to the worker.properties file after reconfiguring the connector.
Installing the update manually
- Click the link to download the JAR.
- Execute the following command on the downloaded JAR. You must have privileges to start or stop ColdFusion service and full access to the ColdFusion root directory.
Windows: <cf_root>/jre/bin/java.exe -jar <jar-file-dir>/hotfix-017-325979.jar
Linux-based platforms: <cf_root>/jre/bin/java -jar <jar-file-dir>/hotfix-017-325979.jar
Ensure that the JRE bundled with ColdFusion is used for executing the downloaded JAR. For standalone ColdFusion, this must be at, <cf_root>/jre/bin.
Install the update from a user account that has permissions to restart ColdFusion services and other configured webservers .
For further details on how to manually update the application, see the help article.
Post installation
After applying this update, the ColdFusion build number should be 2016,0,17,325979.
Post installation, we recommend rebuilding or reconfiguring your connector.
Note: This holds true only if you have applied Update 16 without applying Update 14.
If you see Error 503 or Error 403 when firing up your websites, see the troubleshooting steps in the tech notes for Update 14.
Uninstallation
To uninstall the update, perform one of the following:
- In ColdFusion Administrator, click Uninstall in Server Update > Updates > Installed Updates.
- Run the uninstaller for the update from the command prompt. For example, java -jar {cf_install_home}/{instance_home}/hf_updates/hf-2016-00017-325979/uninstall/uninstaller.jar
If you can't uninstall the update using the above-mentioned uninstall options, the uninstaller could be corrupted. However, you can manually uninstall the update by doing the following:
- Delete the update jar from {cf_install_home}/{instance_name}/lib/updates.
- Copy all folders from {cf_install_home}/{instance_name}/hf-updates/{hf-2016-00017-325979}/backup directory to {cf_install_home}/{instance_name}/
Connector configuration
Sign in to your account