ColdFusion 11 Update 15
The update is cumulative and contains all previous updates applied to ColdFusion 11.
This security update requires ColdFusion to be on JDK 7u131 or JDK 8u121 or higher. Adobe recommends that you must manually update your ColdFusion JDK/JRE to the latest version. In case you do not update the JDK/JRE, simply applying the update would NOT secure the server.
For Application Servers
Additionally, on J2EE installations, set the following JVM flag, "-Djdk.serialFilter= !org.mozilla.**;!com.sun.syndication.**;!org.apache.commons.beanutils.**", in the respective startup file depending on the type of Application Server being used.
Set the JVM flags on a JEE installation of ColdFusion, not on a standalone installation.
ColdFusion 11 Update 15 (release date, 11 September 2018) includes the following changes:
This update is cumulative and includes fixes from all the previous ColdFusion 11 updates.
To see a list of all previous ColdFusion 11 updates, refer to the update page.
For the detailed list of bugs fixed in this update, refer to the list of bugs fixed.
For a list of known issues, see Known issues.
Windows: <cf_root>/jre/bin/java.exe -jar <jar-file-dir>/hotfix_015.jar
Linux-based platforms: <cf_root>/jre/bin/java -jar <jar-file-dir>/hotfix_015.jar
Ensure that the JRE bundled with CF is used for executing the downloaded JAR. For standalone CF, this must be at, <cf_root>/jre/bin.
For further details on how to manually update the application, see the help article.
After applying this update, the ColdFusion build number should be 11,0,15,311399.
To uninstall the update, do one of the following:
If you can't uninstall the update using the above-mentioned uninstall options, the uninstaller could be corrupted. However, you can manually uninstall the update by doing the following:
Oct 01, 2018 : Contains work-arounds for two known issues. For more information, see Known issues