Thanks Charlie, Cameron for keeping us updated with the latest. Charlie, thanks for those blog entries. Really appreciate all your help.
<Ajas Mohammed /> iUseDropbox(http://db.tt/63Lvone9) http://ajashadi.blogspot.com We cannot become what we need to be, remaining what we are. No matter what, find a way. Because thats what winners do. You can't improve what you don't measure. Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution; it represents the wise choice of many alternatives. On Wed, Jan 16, 2013 at 12:56 AM, Charlie Arehart <char...@carehart.org>wrote: > Ok, call off the alarm (those of you on 9.0.2). It turns out that the > confusion about the new hotfix (regarding 9.0.2) was just a mistake in the > technote. All is as it should be, and everyone ought to apply this hotfix > ASAP. :-) > > BTW, since writing my comment earlier, I have come out with a part 3 > entry, on the hotfix and more. > > > http://www.carehart.org/blog/client/index.cfm/2013/1/15/Part3_serious_security_threat > > Still planning a part 4, with post mortem and more. A bit busy now to > commit to when. :-) > > /charlie**** > > ** ** > > *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Charlie > Arehart > *Sent:* Tuesday, January 15, 2013 3:44 PM > *To:* discussion@acfug.org > *Subject:* RE: [ACFUG Discuss] New CF Vulnerability - Check your servers** > ** > > ** ** > > Thanks for sharing it here, Cam. > > Do beware, though: for those on 9.0.2, there’s a glitch in the hotfix (a > missing web-inf.zip within the cf902.zip). > > I’ve added a comment on the blog entry that points to that ( > http://blogs.coldfusion.com/post.cfm/coldfusion-security-update-for-version-9-and-above), > but obviously those who go straight to the technote wouldn’t see that. > Hopefully Adobe will fix this ASAP. > > To be clear, this warning is only for those on 9.0.2. Those on 9.0, 9.0.1, > or 10 should absolutely proceed with the hotfix as provided.**** > > ** ** > > /charlie**** > > **** > > ------------------------------------------------------------- > To unsubscribe from this list, manage your profile @ > http://www.acfug.org?fa=login.edituserform > > For more info, see http://www.acfug.org/mailinglists > Archive @ http://www.mail-archive.com/discussion%40acfug.org/ > List hosted by FusionLink <http://www.fusionlink.com> > ------------------------------------------------------------- >
