Sign up to save your podcasts
Or
Share Modernize or Die® - CFML News for January 19th, 2021 - Episode 87
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Modernize or Die® - CFML News for January 19th, 2021 - Episode 87
2021-01-19 Weekly News - Episode 87
Watch the video version on YouTube at https://youtu.be/DHO_LXiFHII
Hosts:
Gavin Pickin - Software Consultant for Ortus Solutions
Brad Wood - Software Consultant for Ortus Solutions
Thanks to our Sponsor - Ortus Solutions
One way to say thanks back to Ortus Solutions, is to support CFCasts, which is releasing new content every week
Patreon Support
We have 33 patreons providing 61% of the funding for our Modernize or Die Podcasts via our Patreon site: https://www.patreon.com/ortussolutions. If you love our podcasts and all we do for the #coldfusion #cfml community considers chipping in, we are almost there!
https://www.ortussolutions.com/blog/we-need-your-help
News and Events
Lucee Vulnerability now Public - Security researchers earn $50k after exposing critical flaw in Apple travel portal
Security researchers have earned a $50,000 bug bounty after uncovering a critical flaw in Apple’s travel portal.
Rahul Maini and Harsh Jaiswal were able to achieve remote code execution (RCE) by stringing together a string of vulnerabilities in order to exploit targeted domains.
Lucee in the sky with exploits
In a detailed technical write-up, Maini and Jaiswal explain how the early stage of their bug hunt narrowed their range of targets down to three hosts running on a content management system (CMS) which was back-ended by Lucee, a Java-based tag and scripting language used for web app development.
https://portswigger.net/daily-swig/security-researchers-earn-50k-after-exposing-critical-flaw-in-apple-travel-portal
Apple RCE Write Up - https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md
Cbi18n V2.0.0 Released
This module will enhance your ColdBox applications with i18n capabilities, resource bundles and localization. It supports traditional Java resource bundles and also modern JSON resource bundles.
V2.0 includes a large contribution by Wil De Bruin.
Release Notes: https://github.com/coldbox-modules/cbi18n/releases/tag/v2.0.0
ForgeBox: https://www.forgebox.io/view/cbi18n
ColdBox V6.2.2 Released
Today we released ColdBox v6.2.2 as a minor path. Please update if you are affected by the issues shown in the release notes.
https://www.ortussolutions.com/blog/coldbox-622-released
Ortus Webinar - CommandBox Task Runners
Friday, January 22nd - 11:00 AM CDT (GMT -6:00)
Have you ever wished you could create command-line programs using CFML, perhaps to automate a task or handle some long-running process? With CommandBox Task Runners, you easily can! Join Grant Copley for this month's webinar, where we take a close look at this powerful tool within CommandBox and how we can use it alongside our applications.
with Grant Copley
https://www.ortussolutions.com/events/webinars
Online CF Meetup - "Communication Skills for Technical Engineers & Developers", with Mark Takata
Thursday, January 21, 2021
5:00 PM to 6:00 PM CST
No matter what language, framework or technical skillset you employ in your day-to-day work, the biggest differentiator among engineers, designers & developers is the ability to communicate and engage with end users, stakeholders and business analysts. In this talk, Mark Takata will cover how to improve your ability to communicate with those folks, become an asset for your team & company, and widen the available paths for your future career.
https://www.meetup.com/coldfusionmeetup/events/275712862/
Online CF Meetup - "Securing a ColdFusion Application with Fixinator & FuseGuard", w/ Pete Freitag
Thursday, January 28, 2021
11:00 AM to 12:00 PM CST
In this session we'll take a look at a ColdFusion application that is vulnerable to several security issues. We'll look at some of the security holes in the application, how they can be exploited. Finally we'll use FuseGuard to protect the application, and Fixinator to find and fix some of the vulnerabilities in the application.
https://www.meetup.com/coldfusionmeetup/events/275825925/
ICYMI Online CF Meetup - "CF AMA: Ask Me Anything", with Charlie Arehart and Dan Wilson
Thursday, January 14, 2021
11:00 AM to 12:00 PM CST
Join us for another CF “Ask Me Anything” session, with your host Charlie Arehart and recent co-organizer Dan Wilson. We'll open the floor to any sort of CF-related questions you may have, whether about coding challenges or using CF features (on the newest or older versions), configuration or tuning, deployment, security, the future and state of CF, whatever.
Meeting: https://www.meetup.com/coldfusionmeetup/events/275569910/
Recording: https://www.youtube.com/watch?v=KH8-FRUP_Sc
CFCasts Content Updates
What’s new with ColdBox 6 - https://cfcasts.com//series/whats-new-with-coldbox6
- HTML QuickStart
- Testing QuickStart
- Whoops
Send your suggestions at https://cfcasts.com/support
Conferences and Training
VS Code Day
Join the VS Code team and community at a live event just for VS Code users. Get a glimpse of things to come and meet the team who works on VS Code every day.
Watch live: January 27, 2021 from 8 AM to 10:30 AM PST
Re-stream (with live Q&A): January 27, 2021 from 8 PM to 10:30 PM PST
https://code.visualstudio.com/vscode-day
Devnexus
Join the VIRTUAL olution
Feb 17 2021 - Online
https://devnexus.com/
Ortus Workshops - Dates coming soon
- Quick
- CommandBox Zero to Hero
- ColdBox Zero to Hero
- ColdBox Hero to SuperHero
Ortus’s Possible Conferences for 2021
Dates subject to change
Due to Online conference overload, we are thinking about not expanding the number of events, but more content in more timezones with a different format.
ITB - Developer Week Style??
With some European Timezone Friendly slots from our European Community Members
May 2021
ITB Latam
December 2021
More conferences
Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/
Trying to get CFML on the list
https://github.com/tech-conferences/conference-data/issues/1837
Blogs, Tweets and Videos of the Week
Blog - Ben Nadel - Array.Sort() ...
View all episodes
By Ortus Solutions
5
77 ratings
2021-01-19 Weekly News - Episode 87
Watch the video version on YouTube at https://youtu.be/DHO_LXiFHII
Hosts:
Gavin Pickin - Software Consultant for Ortus Solutions
Brad Wood - Software Consultant for Ortus Solutions
Thanks to our Sponsor - Ortus Solutions
One way to say thanks back to Ortus Solutions, is to support CFCasts, which is releasing new content every week
Patreon Support
We have 33 patreons providing 61% of the funding for our Modernize or Die Podcasts via our Patreon site: https://www.patreon.com/ortussolutions. If you love our podcasts and all we do for the #coldfusion #cfml community considers chipping in, we are almost there!
https://www.ortussolutions.com/blog/we-need-your-help
News and Events
Lucee Vulnerability now Public - Security researchers earn $50k after exposing critical flaw in Apple travel portal
Security researchers have earned a $50,000 bug bounty after uncovering a critical flaw in Apple’s travel portal.
Rahul Maini and Harsh Jaiswal were able to achieve remote code execution (RCE) by stringing together a string of vulnerabilities in order to exploit targeted domains.
Lucee in the sky with exploits
In a detailed technical write-up, Maini and Jaiswal explain how the early stage of their bug hunt narrowed their range of targets down to three hosts running on a content management system (CMS) which was back-ended by Lucee, a Java-based tag and scripting language used for web app development.
https://portswigger.net/daily-swig/security-researchers-earn-50k-after-exposing-critical-flaw-in-apple-travel-portal
Apple RCE Write Up - https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md
Cbi18n V2.0.0 Released
This module will enhance your ColdBox applications with i18n capabilities, resource bundles and localization. It supports traditional Java resource bundles and also modern JSON resource bundles.
V2.0 includes a large contribution by Wil De Bruin.
Release Notes: https://github.com/coldbox-modules/cbi18n/releases/tag/v2.0.0
ForgeBox: https://www.forgebox.io/view/cbi18n
ColdBox V6.2.2 Released
Today we released ColdBox v6.2.2 as a minor path. Please update if you are affected by the issues shown in the release notes.
https://www.ortussolutions.com/blog/coldbox-622-released
Ortus Webinar - CommandBox Task Runners
Friday, January 22nd - 11:00 AM CDT (GMT -6:00)
Have you ever wished you could create command-line programs using CFML, perhaps to automate a task or handle some long-running process? With CommandBox Task Runners, you easily can! Join Grant Copley for this month's webinar, where we take a close look at this powerful tool within CommandBox and how we can use it alongside our applications.
with Grant Copley
https://www.ortussolutions.com/events/webinars
Online CF Meetup - "Communication Skills for Technical Engineers & Developers", with Mark Takata
Thursday, January 21, 2021
5:00 PM to 6:00 PM CST
No matter what language, framework or technical skillset you employ in your day-to-day work, the biggest differentiator among engineers, designers & developers is the ability to communicate and engage with end users, stakeholders and business analysts. In this talk, Mark Takata will cover how to improve your ability to communicate with those folks, become an asset for your team & company, and widen the available paths for your future career.
https://www.meetup.com/coldfusionmeetup/events/275712862/
Online CF Meetup - "Securing a ColdFusion Application with Fixinator & FuseGuard", w/ Pete Freitag
Thursday, January 28, 2021
11:00 AM to 12:00 PM CST
In this session we'll take a look at a ColdFusion application that is vulnerable to several security issues. We'll look at some of the security holes in the application, how they can be exploited. Finally we'll use FuseGuard to protect the application, and Fixinator to find and fix some of the vulnerabilities in the application.
https://www.meetup.com/coldfusionmeetup/events/275825925/
ICYMI Online CF Meetup - "CF AMA: Ask Me Anything", with Charlie Arehart and Dan Wilson
Thursday, January 14, 2021
11:00 AM to 12:00 PM CST
Join us for another CF “Ask Me Anything” session, with your host Charlie Arehart and recent co-organizer Dan Wilson. We'll open the floor to any sort of CF-related questions you may have, whether about coding challenges or using CF features (on the newest or older versions), configuration or tuning, deployment, security, the future and state of CF, whatever.
Meeting: https://www.meetup.com/coldfusionmeetup/events/275569910/
Recording: https://www.youtube.com/watch?v=KH8-FRUP_Sc
CFCasts Content Updates
What’s new with ColdBox 6 - https://cfcasts.com//series/whats-new-with-coldbox6
- HTML QuickStart
- Testing QuickStart
- Whoops
Send your suggestions at https://cfcasts.com/support
Conferences and Training
VS Code Day
Join the VS Code team and community at a live event just for VS Code users. Get a glimpse of things to come and meet the team who works on VS Code every day.
Watch live: January 27, 2021 from 8 AM to 10:30 AM PST
Re-stream (with live Q&A): January 27, 2021 from 8 PM to 10:30 PM PST
https://code.visualstudio.com/vscode-day
Devnexus
Join the VIRTUAL olution
Feb 17 2021 - Online
https://devnexus.com/
Ortus Workshops - Dates coming soon
- Quick
- CommandBox Zero to Hero
- ColdBox Zero to Hero
- ColdBox Hero to SuperHero
Ortus’s Possible Conferences for 2021
Dates subject to change
Due to Online conference overload, we are thinking about not expanding the number of events, but more content in more timezones with a different format.
ITB - Developer Week Style??
With some European Timezone Friendly slots from our European Community Members
May 2021
ITB Latam
December 2021
More conferences
Need more conferences, this site has a huge list of conferences for almost any language/community.
https://confs.tech/
Trying to get CFML on the list
https://github.com/tech-conferences/conference-data/issues/1837
Blogs, Tweets and Videos of the Week
Blog - Ben Nadel - Array.Sort() ...