Modernize or Die® - CFML News for July 30th, 2019
Watch the full video Online on Youtube - https://youtu.be/ASLg8JGvD2Y2019-07-30 Weekly News - Episode 12 Hosts: Gavin Pickin - Software Consultant for Ortus Solutions Brad Wood - Lead Architect for Ortus Solutions News and Events Security Alert - VE-2019-7839: COLDFUSION CODE EXECUTION THROUGH JNBRIDGEJuly 25, 2019 | Trend Micro Research TeamA remote code execution vulnerability has been reported in Adobe ColdFusion. This vulnerability is due to the JNBridge binary protocol port being exposed without any authentication.A remote unauthenticated attacker can exploit this vulnerability by sending a crafted JNBridge binary protocol message to an affected server. Successful exploitation results in remote code execution as the root or SYSTEM user.Brad tweeted about this security alert“#ColdFusion folks, hackers waste no time developing exploits for CF when a patch comes out. I hope you have the same sense of urgency when it comes to installing the patches! Also ensure your firewall is only allowing HTTP/S traffic through! #CFML” https://www.zerodayinitiative.com/blog/2019/7/25/cve-2019-7839-coldfusion-code-execution-through-jnbridgePete Frietag from Foundeo released another CFML News Issue No 32Go online to register and get those newsletters emailed to you. Great summary of everything CFML - highlighting the best blog posts and news.https://tinyletter.com/cfml/letters/cfml-news-issue-32CBORM Updated - Version 2 Released + New GitBookA complete rewrite of the module to support a more modern and fluent approach to working with Hibernate/ColdFusion ORM. In this release we had to support 3 versions of Hibernate: 3 (Lucee), 4 (ACF 2016) and 5 (ACF 2018), which in itself proved to be a gargantuan task.We also focused on bringing more functional programming aspects to working with collections of entities and even introduced cbStreams as part of the cborm module. This gives you the ability to produce streams out of any method that produces a collection of entities.We also focused on converting the state of an object graph to a raw ColdFusion data struct as we live in the world of APIs. We include the mementifier module which allows every single entity to have a getMemento() method that will convert itself and its relationships to raw CF data constructs so you can take that state and either marshall it to another format (json,xml,excel) or audit the state.https://coldbox-orm.ortusbooks.com/New landing page for OrtusBooks.com - see all of our bookshttps://ortusbooks.com/Time to get the word outWe’ve had 500+ views on Youtube with 100+ new subscribersWe’ve had 1000+ podcast downloadsBut until this last week, Ben Nadel ( who has been blogging like a mad man about ColdFusion lately ) didn’t know we had a CFML podcast, let alone 2.So i need everyone go to on twitter and tweet that you’re watching / listening to the #modernizeordie #cfmlnews #podcast and why you think others should watch / listen to it.Adobe CF Summit early birdStill available as of July 23rd - are they still available now? Get them before they go up.Certificate Program + Conference Pass $498.00ColdFusion Security Preconference + Conference Pass $348.00Conference Pass $99.00ColdFusion Docker Preconference + Conference Pass $348.00Adobe CF Summit - Conference Las Vegas at the Mirage October 1-2 ( Tuesday + Wednesday ) Biggest CFML Conference of the Year - 500+ people Great Adobe Party Register Now - Early bird was only $99 https://cfsummit.adobeevents.com/ Early-bird registration has been extended to June 30, 2019 Call for Speakers is now closed!!! Speakers are listed on the websiteAdobe CF Summit Speakers Announced - 31 so far https://cfsummit.adobeevents.com/speakers/ Lots of Ortus Speakers Luis Majano Brad Wood Eric Peterson Gavin Pickin Adobe Speakers 5+ Rakshith Naresh Uday Ogra Kailash Bihani Piyush Kumar Nayak Suchika Singh Lots of other great community speakers 15+Including but not limited to: Pete Frietag George Murphy Brian Klaas Matt Clemente Giancarlo Gomez Matt Gifford Carl Von Stetten Daniel Fredericks Uma Ghotikar Abram Adams Dan Wilson David Tattersal ( Fusion Reactor ) Charlie Arehart Dave Ferguson Adobe CF Summit - WorkshopsAdobe ColdFusion Specialist Certificate ProgramFrom the CF Summit Website:The Adobe ColdFusion Specialist is a full-day certificate classroom program, delivered by top Adobe ColdFusion experts. You will be enrolled into the course as soon as you register and will receive course instructions and prep materials two weeks prior to the on-site program date. Following the training you will complete an online assessment – upon successful completion, you will receive your Adobe ColdFusion Specialist certificate.Register: https://cfsummit.adobeevents.com/adobe-coldfusion-specialist/ LocationThe Mirage, Las Vegas3400 S Las Vegas BlvdLas Vegas, Nevada, United States89109Dates:Monday September 30, 2019 - 8:00 AM - 5:00 PMPrice: $399.00 - early bird pricing Pre-conference Training 1: Hands-on ColdFusion Security WorkshopTrainer : Pete Freitag, Principal Consultant, Foundeo Inc. Pre-conference Training 2: Going from Zero to 60 with Docker and ColdFusion imagesTrainer: Charlie Arehart, Independent Consultant, Carehart https://cfsummit.adobeevents.com/register/registration/select Ortus Solutions Training Workshops at CF Summit after the ConferenceOrtus will be doing 2 2-day trainings on Thursday October 3rd, and Friday October the 4th. We have two great workshops to select from and they will be held in a much more exclusive and comfortable environment that will allow us to bring you a better learning experience at Executive Hospitality Suite from ARIA Tower Suites . Register as soon as possible as space is very limited!ColdBox From Zero to HeroLead by Gavin Pickin a Eric PetersonColdBox From Hero to SuperHero : API EditionLead by Luis Majano and Brad WoodDates: Thursday, October 3, 2019 at 9:00 AM - Friday, October 4, 2019 at 5:00 PM (PDT)Location:ARIA Resort a Casino3730 S Las Vegas BlvdMore information and a link to register here: https://www.ortussolutions.com/blog/cfsummit-2019-training-bootcampsColdBox From Zero to Hero - Bootcamp TrainingBangalore, India | October 16-17, 2019 - by Luis MajanoVery popular ColdBox training, a great way to get your feet wet and jump start your ColdBox development. Project Overview: We will be building a real twitter clone: SoapBox. We will use HMVC conventions, including BDD / TDD testing to build out the application including the usage of many different ForgeBox modules and industry standards.Price: $599 for 2 daysGroup discounted pricing available for $499Register now: https://www.eventbrite.com/e/hmvc-web-applications-from-zero-to-hero-bangalore-india-2019-tickets-58595141646CF Camp - Workshops and ConferenceOctober 17th and 18th in Munich, Freising, Germany.Read more now: https://www.cfcamp.org/ - Tickets NOW AVAILABLE.Early bird - July 15, 2019 - 280 EUR - $313.27Regular - Sep 11 - Oct 15, 2018 - 330 EUR - $369.17Late - Oct 16 - Nov 8, 2018 - 380 EUR - $425.10You can see the great lineup of speakers and sessions from last year on the site now. They will update as the speakers and sessions for this year is finalized.Call for Speaker Deadline was July 7th - Now closedSpeakers have been announcedhttps://www.cfcamp.org/speakers.htmlOn Twitter Kai said “I can honestly say this is the best a most diverse programme, @cf_camp ever had!“Ortus Speakers Eric Peterson Jorge Reyes Brad Wood Lots of Great Community Speakers Charlie Arehart Eleftheria Batsou Miguel Beltran Wil de Bruin Jen Doherty Mark Drew Rob Dudley Seb Duggan Nolan Erck Uma Ghotikar Matt Gifford Majid Hajian Michael Hnat Kenigbolo Meya Stephen Kai König Francisco Mancardi Lara Martín Joel Stobart Maciej Treder Dom Watson Sebastian Zartner Sessions have been announcedhttps://www.cfcamp.org/sessions.htmlOrtus Training at CF CampOrtus will be doing a 2 day workshop on the 15th and 16th of October. Eric Peterson will be leading - Rest easy at night with TestBox BDDBrad Wood will be leading the - Hero to Superhero - API REST Edition - name to be confirmed.Blogs, Tweets and Videos of the Week Ben Nadel - Sanity Checking Closure Invocation Overhead And Performance In Lucee 5.3.2.77https://www.bennadel.com/blog/3671-sanity-checking-closure-invocation-overhead-and-performance-in-lucee-5-3-2-77.htmFusion Reactor has a Adobe ColdFusion saleIf you want to purchase licenses, save a little with Fusion Reactor.https://www.fusion-reactor.com/blog/coldfusion-hot-sale/Pete tweeted about documentation short linksTweet 1 - For #CFML you can also do (link: https://cfdocs.org/trim) cfdocs.org/trim - I too wish all doc sites did that.Tweet 2 - Come to think of it, I also created a site for #java docs, eg: (link: http://javadocs.org/string) javadocs.org/string and #css docs (link: http://cssdocs.org/font-weight) cssdocs.org/font-weight they just redirect to the official docshttps://twitter.com/pfreitag/status/1154033063225171968?s=20Ben Nadel - Exploring Linked / Ordered Structs In Lucee 5.3.2.77https://www.bennadel.com/blog/3669-exploring-linked-ordered-structs-in-lucee-5-3-2-77.htmCF Alive Podcast - Elishia Dvorak talks about “Adobe ColdFusion Specialist Certification (new at CF Summit)” in the new episode of the CF Alive Podcast,https://t.co/5xTy8asRLK?amp=1Ben Nadel - Understanding Struct Key-Casing Using SerializeJson() In Lucee 5.3.2.77https://www.bennadel.com/blog/3667-understanding-struct-key-casing-using-serializejson-in-lucee-5-3-2-77.htmMatt Gifford released a CFML Wrapper to interactive with the IP API to fetch geolocation data for ip addresseshttps://github.com/coldfumonkeh/IPAPI Brian Klaas - Using AWS Step Functions in CFML: Wrapping Up the Transcribe, Translate, and Speak Workflow16 blog posts, epic, thanks Brian for amazing content. Brian’s interview on Modernize or Die Podcast Soapbox Edition will be released this Thursday. Keep an eye out.https://brianklaas.net/aws/coldfusion/2019/07/28/Using-AWS-Step-Functions-In-CFML-Part-16.htmlBen Nadel finds this older blog post from CFSimplicity - Lucee 5: simpler access to environment variableshttps://blog.simplicityweb.co.uk/109/lucee-5-simpler-access-to-environment-variablesTeraTech - Better Time and Number Formats with ColdFusionhttps://teratech.com/better-time-and-number-formats-with-coldfusion/Job Opportunities - @getcfmljobs on twitter Job Opportunity in Falls Church, VAhttps://www.getcfmljobs.com/jobs/index.cfm/united-states/ColdFusion-Developer-at-Falls-Church-VA/10886ColdFusion Developer position in North Carolina State University at Raleigh, NC, United Stateshttps://www.getcfmljobs.com/jobs/index.cfm/united-states/Temp-ColdFusion-Developer-at-Raleigh-NC/10885ForgeBox Module of the Week ColdBox JSON Web Tokens (JWT) - by Andrew Dixonhttps://www.forgebox.io/view/jwtColdBox Module for encoding and decoding JSON Web Tokens (JWT). This is a port of the CF-JWT-Simple project which itself is a port of the node.js project node-jwt-simple to CFML. It currently supports HmacSHA256, HmacSHA384, and HmacSHA512 signing algorithms.box install jwtLast Update: Jul 03 2019 02:55 PM | Downloads: 41 | Installs: 1680 | Views: 3211 | Versions: 5 VS Code Hint Tips and Tricks of the Week Live Share ms-vsliveshare.vsliveshareMicrosoft - 10,860,671 downloads - 5 starsVisual Studio Live Share enables you to collaboratively edit and debug with others in real time, regardless what programming languages you're using or app types you're building. It allows you to instantly (and securely) share your current project, and then as needed, share debugging sessions, terminal instances, localhost web apps, voice calls, and more! https://marketplace.visualstudio.com/items?itemName=MS-vsliveshare.vsliveshareThank you to all of our Patreon Supporters These individuals are personally supporting our open source initiatives to ensure the great toolings like CommandBox, ForgeBox, ColdBox, ContentBox, TestBox and all the other boxes keep getting the continuous development they need, and funds the cloud infrastructure at our community relies on like ForgeBox for our Package Management with CommandBox. If we’re getting your name wrong please let us know.Andrew DavisGary KnightJan JannekJoseph LamoreeLaksma TirtohadiRichard HerbertJohn FarrarCarl Von StettenDon BellamySamuel KnowltonDavid BelangerYogesh MathurSteven KlotzDan CardJeremy AdamsBrian WhiteDidier Lesnicki Scott SteinbeckJordan ClarkMatthew ClementeDa LiYou can see an up to date list of all sponsors on Ortus Solutions' Websitehttps://ortussolutions.com/about-us/sponsors★ Support this podcast on Patreon ★
