CFForm controls signature expires in 2 days on 5-20-2010

Question

I have submitted this issue multiple times to Adobe via report a security problem and wishlist for the past 6 months and nothing has been done yet. On 5-20-2010 the CFForm controls certificate expires 2010-05-20 per article b9c2d61c

Steps to reproduce bug:

1. Open a ColdFusion webpage that contains a cfform control using a browser and JVM that does not have a local copy of cfapplets.jar

2. Computer date is set to or after May 20, 2010

3. User is warned that certificate is expired or invalid and should/must decline installation.

Results: Users will be warned and potentially blocked from using any cfform applets without accepting expired certificate, users will not trust website.

Expected results: Adobe should provide updated jar file per http://go.adobe.com/kb/ts_b9c2d61c_en-us with certificate expiration well after end of extended support (2012-02-07). I recommend a certificate expiration date of 2016-12-31, the end of extended support for ColdFusion 9.x.

PS Adobe should fix the bug http://cfbugs.adobe.com/cfbugreport/flexbugui/cfbugtracker/main.html#bugId=79876 that exists in the CFGrid control too affecting versions 7.0.2 - 9!

dcollie · Accepted Answer

We've just published a tech note with an updated cfapplets.jar at the following location:http://kb2.adobe.com/cps/845/cpsid_84585.html

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded