Adobe should be paying you Charlie...
On Wed, Jan 16, 2013 at 9:39 AM, Ajas Mohammed <ajash...@gmail.com> wrote: > Thanks Charlie, Cameron for keeping us updated with the latest. > > Charlie, thanks for those blog entries. Really appreciate all your help. > > <Ajas Mohammed /> > iUseDropbox(http://db.tt/63Lvone9) > http://ajashadi.blogspot.com > We cannot become what we need to be, remaining what we are. > No matter what, find a way. Because thats what winners do. > You can't improve what you don't measure. > Quality is never an accident; it is always the result of high intention, > sincere effort, intelligent direction and skillful execution; it represents > the wise choice of many alternatives. > > > On Wed, Jan 16, 2013 at 12:56 AM, Charlie Arehart <char...@carehart.org>wrote: > >> Ok, call off the alarm (those of you on 9.0.2). It turns out that the >> confusion about the new hotfix (regarding 9.0.2) was just a mistake in the >> technote. All is as it should be, and everyone ought to apply this hotfix >> ASAP. :-) >> >> BTW, since writing my comment earlier, I have come out with a part 3 >> entry, on the hotfix and more. >> >> >> http://www.carehart.org/blog/client/index.cfm/2013/1/15/Part3_serious_security_threat >> >> Still planning a part 4, with post mortem and more. A bit busy now to >> commit to when. :-) >> >> /charlie**** >> >> ** ** >> >> *From:* ad...@acfug.org [mailto:ad...@acfug.org] *On Behalf Of *Charlie >> Arehart >> *Sent:* Tuesday, January 15, 2013 3:44 PM >> *To:* discussion@acfug.org >> *Subject:* RE: [ACFUG Discuss] New CF Vulnerability - Check your servers* >> *** >> >> ** ** >> >> Thanks for sharing it here, Cam. >> >> Do beware, though: for those on 9.0.2, there’s a glitch in the hotfix (a >> missing web-inf.zip within the cf902.zip). >> >> I’ve added a comment on the blog entry that points to that ( >> http://blogs.coldfusion.com/post.cfm/coldfusion-security-update-for-version-9-and-above), >> but obviously those who go straight to the technote wouldn’t see that. >> Hopefully Adobe will fix this ASAP. >> >> To be clear, this warning is only for those on 9.0.2. Those on 9.0, >> 9.0.1, or 10 should absolutely proceed with the hotfix as provided.**** >> >> ** ** >> >> /charlie**** >> >> **** >> >> ------------------------------------------------------------- >> To unsubscribe from this list, manage your profile @ >> http://www.acfug.org?fa=login.edituserform >> >> For more info, see http://www.acfug.org/mailinglists >> Archive @ http://www.mail-archive.com/discussion%40acfug.org/ >> List hosted by FusionLink <http://www.fusionlink.com> >> ------------------------------------------------------------- >> > > -- Steve Ross web application & interface developer http://blog.stevensross.com [mobile] (912) 344-8113 [ AIM / Yahoo! : zeriumsteven ] [googleTalk : nowhiding ]