ok to use microsoft speak... macromedia microsoft update service pack patch hotfix
does that help? We don't do autoupdate as that is just not appropriate to production environments. L. -----Original Message----- From: Snake Hollywood [mailto:[EMAIL PROTECTED]] Sent: 13 January 2003 18:52 To: [EMAIL PROTECTED] Subject: RE: [ cf-dev ] Fw: New Macromedia Security Zone Bulletins Posted So again we come to the question, what is the point of the update if it doesn't update itself and any othe rupdate sthat come out after it. > -----Original Message----- > From: Lucas Sherwood [mailto:[EMAIL PROTECTED]] > Sent: 13 January 2003 09:47 > To: '[EMAIL PROTECTED]' > Subject: RE: [ cf-dev ] Fw: New Macromedia Security Zone > Bulletins Posted > > > Umm... > Yes and no... > > Yes, the updater (2) installs most of them but there are some > after the updater... > > L. > > -----Original Message----- > From: Kola Oyedeji [mailto:[EMAIL PROTECTED]] > Sent: 13 January 2003 09:25 > To: [EMAIL PROTECTED] > Subject: RE: [ cf-dev ] Fw: New Macromedia Security Zone > Bulletins Posted > > Lucas > > Thanks for the link. I wasn't aware so many patches had been > released for CFMX. Are these included in any of the updaters > or do these need to be applied along with the updaters? > > > Thanks > > Kola > > >> -----Original Message----- > >> From: Lucas Sherwood [mailto:[EMAIL PROTECTED]] > >> Sent: 11 January 2003 09:52 > >> To: [EMAIL PROTECTED] > >> Subject: [ cf-dev ] Fw: New Macromedia Security Zone > Bulletins Posted > >> > >> I don't know how many of you subscribe to the security zone mailing > list > >> but > >> if you are an ISP this one is of interest... > >> > >> L. > >> ----- Original Message ----- > >> From: "Macromedia Security Zone" <[EMAIL PROTECTED]> > >> To: <[EMAIL PROTECTED]> > >> Sent: Friday, January 10, 2003 4:56 PM > >> Subject: New Macromedia Security Zone Bulletins Posted > >> > >> > >> > > >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >> > IMPORTANT: > >> > > >> > Several security issues that may affect Macromedia JRun and > >> > ColdFusion customers have come to our attention recently. > >> > > >> > To learn about these new issues and what actions you can take to > >> > address them, please visit the Security Zone at the Macromedia > >> > website: > >> > > >> > http://www.macromedia.com/security > >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >> > > >> > MSPB03-01 - Patch available for ColdFusion MX > Enterprise Edition > >> > sandbox security issue that allows templates to include > arbitrary > >> > files. > >> > > >> > Originally Posted: January 9, 2003 > >> > ~~~~~~~ > >> > SUMMARY > >> > > >> > The <cfinclude> tag and the <cfmodule> tag will accept filenames > >> > with relative paths as arguments. CFMX does not check > the Sandbox > >> > Security Files/Dirs permissions before including files > with these > >> > tags. This could allow a template to access unauthorized data > >> > using these tags. > >> > > >> > This does not affect any prior versions of ColdFusion. > >> > > >> > ~~~~~~~ > >> > WHAT CUSTOMERS SHOULD DO: > >> > > >> > > >> > We strongly encourage customers to download and install > this patch > >> > immediately. > >> > > >> > > >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >> > Reporting Security Issues > >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >> > > >> > Macromedia is committed to addressing security issues > and providing > >> > customers with the information on how they can protect > themselves. > >> > If you identify what you believe may be a security issue with a > >> > Macromedia product, please send an e-mail to > [EMAIL PROTECTED] > >> > We will work to appropriately address and communicate the issue. > >> > > >> > ~~~~~~~ > >> > Receiving Security Bulletins: > >> > > >> > When Macromedia becomes aware of a security issue that > we believe > >> > significantly affects our products or customers, we will notify > >> > customers when appropriate. Typically, this notification > will be in > >> > the form of a security bulletin explaining the issue and the > >> > response. Macromedia customers who would like to receive > >> > notification of new security bulletins when they are > released can > >> > sign up for our security notification service. > >> > > >> > For additional information on security issues at > Macromedia, please > >> > visit the Security Zone at: > >> > > >> > http://www.macromedia.com/security > >> > > >> > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > >> > THE INFORMATION PROVIDED BY MACROMEDIA IN THIS BULLETIN > >> > IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MACROMEDIA AND > >> > ITS SUPPLIERS DISCLAIM ALL WARRANTIES, WHETHER EXPRESS > OR IMPLIED > >> > OR OTHERWISE, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND > >> > FITNESS FOR A PARTICULAR PURPOSE. ALSO, THERE IS NO WARRANTY OF > >> > NON-INFRINGEMENT, TITLE OR QUIET ENJOYMENT. (USA ONLY) > >> > SOME STATES DO NOT ALLOW THE EXCLUSION OF IMPLIED > >> > WARRANTIES, SO THE ABOVE EXCLUSION MAY NOT APPLY TO YOU. > >> > > >> > IN NO EVENT SHALL MACROMEDIA, INC. OR ITS SUPPLIERS BE > LIABLE FOR > >> > ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DIRECT, > >> > INDIRECT, INCIDENTAL, CONSEQUENTIAL, SPECIAL, PUNITIVE, > COVER, LOSS > >> > OF PROFITS, BUSINESS INTERRUPTION OR THE LIKE, OR LOSS > OF BUSINESS > >> > DAMAGES, BASED ON ANY THEORY OF LIABILITY INCLUDING BREACH OF > >> > CONTRACT, BREACH OF WARRANTY, TORT(INCLUDING NEGLIGENCE), > >> > PRODUCT LIABILITY OR OTHERWISE, EVEN IF MACROMEDIA, INC. > >> > OR ITS SUPPLIERS OR THEIR REPRESENTATIVES HAVE BEEN > >> > ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. (USA ONLY) > >> > SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF > >> > LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES, SO THE > >> > ABOVE EXCLUSION OR LIMITATION MAY NOT APPLY TO YOU AND > >> > YOU MAY ALSO HAVE OTHER LEGAL RIGHTS THAT VARY FROM STATE > >> > TO STATE. > >> > > >> > Macromedia reserves the right to update the information in this > >> > document with current information. > >> > > >> > >> > >> -- > >> ** Archive: > http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > >> > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: > [EMAIL PROTECTED] For > >> human help, e-mail: [EMAIL PROTECTED] > > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] For human help, e-mail: > [EMAIL PROTECTED] > > -- > ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ > > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] For human help, e-mail: > [EMAIL PROTECTED] > > -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED] -- ** Archive: http://www.mail-archive.com/dev%40lists.cfdeveloper.co.uk/ To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] For human help, e-mail: [EMAIL PROTECTED]
