For CF7, there are no new security hotfixes since 2008, but for CF8, there were new ones as late as Sep '12.
See: http://www.adobe.com/support/security/#coldfusion /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Ajas Mohammed Sent: Tuesday, January 22, 2013 7:49 PM To: discussion@acfug.org Subject: Re: [ACFUG Discuss] New CF Vulnerability - Check your servers I was wondering about people who are on CF 7/8. One of our server is still on CF 7. So apart from restricting public access to CFIDE admin folders, is there anything else that needs to be done for CF 7/8? I do know that this security fix by adobe tech note addresses versions CF 9.0, 9.0.1, 9.0.2 and CF 10. Thanks, <Ajas Mohammed /> iUseDropbox( <http://db.tt/63Lvone9> http://db.tt/63Lvone9) http://ajashadi.blogspot.com We cannot become what we need to be, remaining what we are. No matter what, find a way. Because thats what winners do. You can't improve what you don't measure. Quality is never an accident; it is always the result of high intention, sincere effort, intelligent direction and skillful execution; it represents the wise choice of many alternatives. On Tue, Jan 22, 2013 at 7:31 PM, Charlie Arehart <char...@carehart.org> wrote: Yes, there are various issues like that which will now bite people who had not done any of the security fixes until this one. I've been meaning to do a blog entry to highlight them, but have just been too busy. /charlie From: ad...@acfug.org [mailto:ad...@acfug.org] On Behalf Of Ajas Mohammed Sent: Monday, January 21, 2013 5:12 PM To: discussion@acfug.org Subject: Re: [ACFUG Discuss] New CF Vulnerability - Check your servers Frank, I know PostParametersLimit is a different issue than the security fix, if thats what you were trying to imply. I meant that since the security fix is CUMULATIVE fix, we saw it for the first time after applying security fix(because we had not patched up our servers with earlier hotfixes/patches). So PostParametersLimit = No. of form fields, where as postSizeLimit = size in MB of how big the post Size (form) can get. Thanks, <Ajas Mohammed /> ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by FusionLink <http://www.fusionlink.com> ------------------------------------------------------------- ------------------------------------------------------------- To unsubscribe from this list, manage your profile @ http://www.acfug.org?fa=login.edituserform For more info, see http://www.acfug.org/mailinglists Archive @ http://www.mail-archive.com/discussion%40acfug.org/ List hosted by http://www.fusionlink.com -------------------------------------------------------------
