Hi Andrew,
There is a link for signing up for email notification here; http://www.adobe.com/support/security/ Gavin "Beau" Baumanis On 12/08/2010, at 4:38 PM, Andrew wrote: > Thanks Guys. I would have been unaware of this had it not been for > the cfaussie list. > > Is there an official announcements list I can join? > > Regards, > Andrew. > > On Aug 12, 10:52 am, "charlie arehart" <charlie_li...@carehart.org> > wrote: >> Well, no, because that would then expose to bad guys how they could use the >> vulnerability for ill. >> >> Really, every shop should apply it, but as it notes, the key is an exposure >> via the CF >> Admin, so if you have your CF Admin available to the public, you're >> vulnerable. If you >> require web server authentication, or have IP restrictions, etc, that >> certainly limits >> your exposure, but really, everyone should apply the fix. (To be clear, it's >> NOT >> enough that your Admin requires a password as defined within the CF Admin!) >> >> I will say this, Pete Frietag has said he will be updating his HackMyCF >> service to >> check for this vulnerability, which will be the best way for people to check >> (without >> the exploit being exposed). It's a FREE web-based service where you point it >> to your >> site, it runs its checks, and emails you a report. More at hackmycf.com. If >> I hear >> that he has updated it, I'll pass it on. >> >> /charlie >> >> >> >>> -----Original Message----- >>> From: cfaussie@googlegroups.com [mailto:cfaus...@googlegroups.com] On >>> Behalf Of >>> Steve Onnis >>> Sent: Wednesday, August 11, 2010 8:22 PM >>> To: cfaussie@googlegroups.com >>> Subject: RE: [cfaussie] Security update: Hotfix available for ColdFusion >> >>> They couldn't give more information about the actual security issue?? >> >>> -----Original Message----- >>> From: Kai Koenig [mailto:k...@koeni.de] >>> Sent: Thursday, 12 August 2010 8:39 AM >>> To: cfugauckl...@googlegroups.com; cfaussie@googlegroups.com >>> Subject: [cfaussie] Security update: Hotfix available for ColdFusion >> >>> Sorry for the crosspost to the NZ and AU lists, but you might want to >>> install this one rather sooner than later: >> >>> http://www.adobe.com/support/security/bulletins/apsb10-18.html >> >>> Cheers >>> Kai >> >>> -- >>> Kai Koenig - Ventego Creative Ltd >>> ph: +64 4 476 6781 - mob: +64 21 928 365 / +61 450 132 117 >>> web:http://www.ventego-creative.co.nz >>> blog:http://www.bloginblack.de >>> twitter:http://www.twitter.com/agentK >>> -- >> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "cfaussie" group. >>> To post to this group, send email to cfaus...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> cfaussie+unsubscr...@googlegroups.com. >>> For more options, visit this group at >>> http://groups.google.com/group/cfaussie?hl=en. >> >>> -- >>> You received this message because you are subscribed to the Google Groups >>> "cfaussie" group. >>> To post to this group, send email to cfaus...@googlegroups.com. >>> To unsubscribe from this group, send email to >>> cfaussie+unsubscr...@googlegroups.com. >>> For more options, visit this group at >>> http://groups.google.com/group/cfaussie?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "cfaussie" group. > To post to this group, send email to cfaus...@googlegroups.com. > To unsubscribe from this group, send email to > cfaussie+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/cfaussie?hl=en. -- You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaus...@googlegroups.com. To unsubscribe from this group, send email to cfaussie+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en.
