ColdFusion (2016 release) Update 5
To install the latest security fixes, Adobe recommends that you point the JDK to version 8u121 or higher.
For Application Servers
Additionally, on J2EE installations, set the following JVM flag, "-Djdk.serialFilter=!org.mozilla.** ", in the respective startup file depending on the type of Application Server being used.
ColdFusion (2016 release) Update 5 ( release date September 12, 2017) includes the following changes:
For more information, refer to the release notes.
Note: This update is specific to ColdFusion (2016 release)
To view all ColdFusion (2016 release) updates, see the Updates page.
For the detailed list of bugs fixed in this update, refer to Bugs fixed list.
Windows: <cf_root>/jre/bin/java.exe -jar <jar-file-dir>/hotfix-005-303689.jar
Linux-based platforms: <cf_root>/jre/bin/java -jar <jar-file-dir>/hotfix-005-303689.jar
Ensure that the JRE bundled with ColdFusion is used for executing the downloaded JAR. For standalone ColdFusion, this must be at, <cf_root>/jre/bin.
Install the update from a user account that has permissions to restart ColdFusion services and other configured webservers .
For further details on how to manually update the application, see the help article.
After applying this update, the ColdFusion build number should be 2016,0,05,303689.
To uninstall the update, perform one of the following:
If you can't uninstall the update using the above-mentioned uninstall options, the uninstaller could be corrupted. However, you can manually uninstall the update by doing the following: