• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Ok to used downloaded Java to install patch

New Here ,
Jul 19, 2023 Jul 19, 2023

Copy link to clipboard

Copied

The CF2021 Update 9 notice ( https://helpx.adobe.com/coldfusion/kb/coldfusion-2021-update-9.html ) says "Ensure that the JRE bundled with ColdFusion is used for executing the downloaded JAR. For standalone ColdFusion, this must be at, <cf_root>/jre/bin."

 

But APSB23-47 ( https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html ) says "Note: 

Adobe recommends updating your ColdFusion JDK/JRE LTS version to the latest update release. Check the ColdFusion support matrix below for your supported JDK version." and "Applying the ColdFusion update without a corresponding JDK update will NOT secure the server. "

 

Historically, I've downloaded the latest version of Java11 and used that to run ColdFusion (eg: my jvm.config:java.home=/my/downloaded/java).  But noticed the blurb in the Update9 notice about "Ensure that the JRE bundled with ColdFusion ...this must be at, <cf_root>/jre/bin." so I was confused.

 

Do I run ColdFusion using /my/downloaded/java but I apply the patch still using the old <cf_root>/jre/bin/java ?  Or is this merely a doc error (I think it is) and I should use the same Java to patch with as I use to run ColdFusion.  So if I run CF using /my/downloaded/java then I should patch using /my/downloaded/java too (which I think would make more sense.)

 

 

TOPICS
Documentation

Views

70

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Jul 19, 2023 Jul 19, 2023

Copy link to clipboard

Copied

LATEST

Merely doc sloppiness. Your plan is fine. A different way they could word it is that if using Java to run the updater manually, one should NOT use a Java version OTHER than what your cf version supports.

 

And separately, the version that Cf uses should be the latest update of that Java version. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation