Home / Products / ColdFusion / Support / Release Notes
Macromedia ColdFusion Support Center Release Notes

ColdFusion MX Updater Release 3
Release Notes
Part 3 -
ColdFusion MX Issues Fixed in Previous Updater Releases

March 19, 2003

This document is the third part of the ColdFusion MX Updater 3 Release Notes. It lists the issues that were fixed in previous Updater releases. Updater releases are cumulative; therefore, Updater 3 includes all fixes listed in this table. You do not have to install Updater 1 or 2 before you install Updater 3.

Other Parts of the Release Notes
Part 1 -- Known Issues and Installation Instructions
Part 2 -- Issues Fixed in this Updater Release
Part 4 -- Installed Files, Uninstalling, and Installing the Update Silently


CFML Tag-Related Issues

The following issues with the ColdFusion CFML tags have been fixed:

Issue ID
The cfhttp tag was not properly internationalized. The tag used ISO-8859-1 (Latin-1) as the default character encoding and ignored the charset attribute. The cfhttp tag now supports the charset attribute and uses UTF-8 as the default character encoding.

Because the default character encoding has changed, you might encounter errors if you use the cfhttp tag without a charset attribute to retrieve a page or file that uses Latin-1 encoding for a language other than English, such as French, German, or Spanish. If you use these languages, specify the ISO-8859-1 character set in your cfhttp tag, as follows:

<cfhttp charset="ISO-8859-1" >
When deserializing a large packet (over 50KB), the cfwddx tag threw an error and failed to deserialize the packet. 36127
The cfquery tag produced an error when addressing elements that were created as an Alias in a stored procedure.
An "illegal target of jump or branch" error occurred often if a large CFML file had a cfswitch statement spanning the entire file. 44733
The cfservletparam tag caused an exception and exited if a WDDX packet was passed in the value. 45739
Assigning a variable to the RequestTimeout parameter of the cfsetting tag threw a compiler error. 45777
The cfimport tag did not generate an error message when you specified an invalid attribute name. 45829
If the cfimport tag had an empty string as the taglib attribute value, ColdFusion MX generated an inappropriate "string out of bounds" error message. 45832
The cfmail failed to send mail on any port other than the default port 25. 47439
The maxRows attribute of the cfoutput tag had no effect if the tag that specified it was placed inside a cfoutput tag that used the group attribute. 47610
A cfloop tag that looped over a query object incorrectly executed a single loop if the query returned an empty result set. 47733
The cfpop tag cached the POP server name and used the cached name in subsequent requests that specified a different server. 48263
When reading e-mails sent from Microsoft Outlook, the cfpop tag put two copies of the message body in the body variable. 48431
ColdFusion MX URLEncoded special characters contained in the name attribute of name=value pairs. 48462
The cfservlet tag logged information to the server.log when the debug attribute was set to No. 48513

Back to Top of Page


CFML Function-Related Issues

The following CFML function-related issues have been fixed:

Issue ID
The ListFirst function failed if the first list element was empty. 46268
In some cases, complex expressions involving string concatenation could result in a null pointer exception. 46311
The val and IsNumeric functions behaved differently than in ColdFusion 5. The val function would return an error, rather than 0 in some cases if the argument could not be converted to a number. The IsNumeric function would return False for scientific notation numbers that used the d character. 46718
If you used the QueryAddColumn function and copied the resulting query object with the duplicate function, the copy was not a valid query object. 47732
The lsdateformat function displayed an error message when passed an empty string. 48256
If you used the duplicate function on a ColdFusion structure (struct), it returned a FastHashtable object instead of a ColdFusion structure. 48528

Back to Top of Page


COM-Related Issues

The following issues with COM have been fixed:

Issue ID
Passing a string literal that is not a valid ColdFusion variable name to a COM object IN/OUT argument caused exceptions. 36174
Errors occurred when using COM objects that did not specify type information for input parameters. ColdFusion now attempts to use these parameters, instead of immediately throwing an exception. 47907
COM objects with multiple IDispatch interfaces could not be used by ColdFusion MX. A “java.lang.IllegalArgumentException: Argument is not a COM object” error occurred. 46303
Attempting to use COM objects with read-only or write-only properties could fail. 46612
Looping over a COM collection object using a COM object that has com2Java-generated Java stubs could cause a method selection exception. 46150
Passing parameters to COM objects by reference did not work correctly. 46776
ColdFusion MX did not let you use a literal value in CFML code that calls a COM method that takes a simple value passed by reference. You were required to use a variable as the argument in your CFML code. 45605
Saving COM objects in shared variable scopes could cause a null pointer exception when ColdFusion executed the CFDUMP tag or if debugging were enabled. 45733


The following additional COM-related changes and improvements have been made:

Change ID
Significant improvements have been made to COM object performance on second and subsequent references by caching object type information.

Note: Due to this change, if the COM object interface definitions change, you must restart ColdFusion MX to use the new COM object interface type definitions.

Back to Top of Page


Administrator-Related Issues

The following issues with the ColdFusion MX Administrator have been fixed:

Issue ID
The neo-cron.xml file became corrupted if the scheduled task or probe name contained a single-quotation mark. The WDDX serializer was not escaping all illegal chars in attribute names. 45409
The Log Viewer was not available in the ColdFusion MX Administrator in Professional Edition. 46600
Errors occurred when displaying or editing scheduled tasks in some locales due to errors in locale-specific handling 48174
Scheduled tasks were not running at the correct time. 46312
ERROR variables were not available in the site-wide error handler. 46761
A potential script-execution vulnerability existed. 47096
When using web server Basic Authentication, the user was not prompted for the Administrator password after logging in to the web server, even when the ColdFusion MX Administrator password prompt was enabled. 47474


General Server-Related Issues

The following general server issues, including data validation issues, have been fixed:

Issue ID
Custom validation error messages were ignored on _required form fields. 45443
Specifying data type validation on form input fields by using the for _float and _integer field suffixes caused the field to be required. 47633
The exampleapps and companyinfo PointBase data sources, when viewed in ColdFusion Studio or Dreamweaver MX, required you to log in before showing tables and corrupted the data source. When this happened, you had to stop and start the server. 47649
Multiple user-written Java objects could fail under load. 48491
The HTTP content-length header was being set incorrectly in some cases. 48519

Back to Top of Page


Database-Related Issues

The following tables list database-related issues that have been fixed. The first table lists issues that are common to all database management systems. The tables that follow list issues for specific database systems.


General Database Issues

Issue ID
the cfupdate tag did not work correctly when the target DB table has a compound primary key comprised of multiple columns. 46433
On upgrade from ColdFusion 5, MySQL and PostgreSQL data sources were erroneously migrated as "ODBC Socket" data sources on UNIX and cannot be deleted in the Administrator. This Updater lets you use the Administrator to delete the incorrect data sources and recreate them correctly. 46877
An exception message for the cfupdate tag erroneously reversed the table and data source names. 45170
Invalid connections to Informix, Oracle, or DB2 data sources could erroneously be reused in the connection pool. 46251
Query caching failed when an error was generated at the JDBCPool level. As a result, subsequent accesses to the query generated a null pointer exception, even if the initial problem was fixed. 45799
SELECT and DROP keywords contained in SQL could produce a “No ResultSet set was produced” error message. 45938
Under certain circumstances, a null pointer exception could be generated when statement pooling was enabled. 15001321
The drivers did not correctly handle table names containing brackets. 15000830
When using pooled connections, a connectionErrorOccurred event was not generated when a connection encountered a SQL exception or a fatal error. 15000154
The drivers did not correctly handle certain BLOB and CLOB objects. 11034310
The drivers did not correctly handle multiple outer joins in the same SQL statement. 11034077
The drivers did not support ANSI SQL outer join syntax with nesting on the left side of the outer join operator. 1034077
An unlocking method did not work with a specific package name. 1033412
The drivers did not process remaining connection properties if a password was the empty string. 1033115
The drivers generated a null pointer exception when calling close on a pooled CallableStatement that was already closed. 15002478
Delimited IDs within insert statements were not parsed correctly. 15001912
When using prepared statement pooling under heavy traffic loads, the drivers could generate null pointer exceptions. 1033113
In some cases, the drivers generated timeout exceptions for queries that should not have timed out. 15003253
An incorrect column count could be returned for result sets created with CONCUR_UPDATABLE concurrency. 15003104
The drivers were unable to update a result set created from tables that contained both Japanese and English characters in the table name. 15002983
The drivers hung while performing a parameterized insert when the size of the data equaled the size of the network packet. 1032460
The read() method of the InputStream returned from ResultSet.getBinaryStream returned incorrect results 15003234
Support for code page 273 was added. 15001299
Support for code page 437 was added. 11034752

Back to Top of Page


DB2-Specific Issues

The following issues with accessing and using DB2 databases have been fixed:

Issue ID
DatabaseMetaData.getTables did not return SYNONYMS with DB2 on OS/390. 11034138
The driver generated an exception when executing SQL statements that contained carriage return characters. 15001254
The driver did not connect to databases configured with code page 1051 or code page 1208. 1032678
The driver did not correctly return result sets generated by certain stored procedures on DB2 OS/390 or z/OS. 1033466
An error message was returned when trying to connect using an invalid userId or password. 15000693
The driver could incorrectly perform a commit on closing a result set. 11034490
The driver incorrectly generated a method not supported exception when setting a supported transaction isolation level on a connection. 11033329
The driver did not correctly convert some Japanese SJIS (cp 932) characters to Unicode. 1034141
Literals in SQL statements could not contain new-lines. New-lines in literals are now stripped from the SQL statement. 15001254
An exception could be generated when connecting to DB2 AS/400 v4R5. 15002962
A Prepared Statement that selects a CLOB column and binds a String could throw a "Value can not be converted to requested type" exception. 15003360
The driver generated a null pointer exception when checking whether a column was an auto-increment column if the result set was created by joining two or more tables. 15003429
The driver did not allow updates on a result set if the query did not contain a searchable column. 11034537
The driver generated an exception when a stored procedure that returned a result set was executed multiple times and the result set from the first execution was not closed. 15000759
The driver did not correctly convert some Japanese characters to UCS-2. 1032458

Back to Top of Page


Oracle-Specific Issues

The following issues with accessing and using Oracle databases have been fixed:

Issue ID
The Statement.setMaxRows() method was ignored when the argument "SelectMethod=cursor" was added to the URL definition of the data source. 48010
Pooled prepared statements fail under load. 48626
When inserting to CLOB fields in Japanese Oracle 9i from Japanese ColdFusion MX, CLOBs less than 4000 bytes had NULL inserted.
The driver did not correctly handle stored procedures with spaces in the procedure name. 15002558
Performance of batch inserts and updates is improved. 15001963
Driver performance is improved for certain prepared statement scenarios. 15001288
The driver did not handle Oracle "wrapped"/encrypted SQL correctly. 15001002
The driver incorrectly handled re-execution of pooled prepared statement with a TIMESTAMP parameter. 1033820
The driver generated a "No more data available to read" exception while executing certain queries that included BLOB columns. 15001754
The driver did not allow long parameters greater than 4 KB as input to stored procedures. 1033073
The driver generated an exception when processing SQL statements containing table names in double-quotation marks. 15000296
The driver generated an "End of stream was detected on read" exception for when processing certain SJIS characters. 15000753
The driver generated a null pointer exception when re-executing a stored procedure with a return parameter. 1034581
When executing stored procedures with parameters, driver performance is improved. 11034259
When inserting or updating LOB data, the driver cached the entire LOB, which could contribute to an out-of-memory exception. 1033841
Stored procedure performance is improved for applications not using Ref cursors. 1032952
The driver did not correctly insert certain TIMESTAMP values when running against Oracle 8. 1033522
Running under heavy, multithreaded traffic loads, the driver sometimes generated an exception when processing result sets. 1033955
DatabaseMetaData.getTables() returns TABLE_TYPE as "TABLE" instead of "SYSTEM TABLE". 15001959
The driver could incorrectly get a false value when determining if the database metadata supported the altering a table with a drop column. 15000325
The driver did not correctly update CLOBS greater than 2000 characters. 15003018
The driver could not bind more than 4000 bytes of data to LOB and LONG columns for certain database character sets. 15003084

Back to Top of Page


SQL Server-Specific Issues

The following issues with accessing and using SQL Server databases have been fixed:

Issue ID
If you copy and paste the quote character (') from Microsoft Word into a form field and use the cfinsert tag to insert the field into a Microsoft SQL Server data source, the quote characters are rendered in the database as square characters. 49270
A connection synchronization issue could occur with XA resource objects, which generated an "Unhandled Token" exception. 15003220
The driver generated a null pointer exception when handling replies from stored procedures or batches containing the UPDATETEXT or WRITETEXT Transact-SQL commands. 11033803
The driver could generated an exception when resuming a suspended transaction on an XA resource. 15001533
The driver generated a "Can't find an idle worker thread for XaStart" exception when using XA transactions under heavy traffic load. 15001313
The driver did not correctly handle SQL collations. 15000675
The driver did not always correctly update a text column. 1032797
The driver did not correctly convert certain characters in code page 1252 to UCS-2. 1032632
The driver incorrectly handled the FOR BROWSE clause. 1034123
The driver incorrectly handled RETURNVALUE reply token in some circumstances. 1033473
The driver incorrectly handled input parameters for certain complex batch statements. 15001434
Repeatedly starting, ending, and committing XA transactions resulted in the XAException "Can't find an idle worker thread for XaStart". 15001313
The driver did not populate the sysprocesses table with hostname, program_name, hostprocess, and net_address. 1033274
The driver generated an exception while re-executing a stored procedure with a time or date parameter when a new value was not supplied for the parameter on the second execution. 11034666
Driver threads used with queryTimeout (CFQUERY using Timeout parameter) were not explicitly terminated. 47982
Performance is improved for inserts and updates. 15002367
The driver generated an exception when specifying the FOR UPDATE clause while requesting an updateable result set. 15002305
A driver method was not returning the tablename for the column data. 15000838
The driver generated a null pointer exception when calling PreparedStatement.setBlob and PreparedStatement.setClob with a null BLOB or CLOB value. 15001852
A WSID connection option was added to override the value that is placed in the hostname column of the sysprocesses table when the driver connects to the data base. 15001778
An exception was generated for a valid JTA call sequence when using two XA Resource objects that referenced the same Resource Manager. 15001533
The driver truncated varchar output parameter data at 2000 characters. 15002170

Back to Top of Page


Sybase-Specific Issues

The following issues with accessing and using Sybase databases have been fixed:

Issue ID
An issue that could reduce driver performance was resolved.


The driver generated a numeric overflow exception when setting the parameter value of a Decimal column using setDouble. 15003369
The driver did not correctly return the native Sybase error associated with TDS_EED token. 1033850
The driver generated a null pointer exception when preparing to commit a distributed transaction if there was no work to commit. 15000200
The driver returned only 1 MB of data when fetching long data that exceeded 1 MB. 15002445

Back to Top of Page


Session Management-Related Issues

The following issue with ColdFusion session management has been fixed:

Issue ID
Switching the application space (using the cfapplication tag) before the browser cookies were set would result in different session ids for each application space change. 46265


WDDX-Related Issues

The following issue with WDDX has been fixed. Bugs 45739 and 36127 in the CFML Tag-Related Issues section and bug 45409 in the Adminstrator--Related Issues list are also WDDX bugs.

Issue ID
Reading large WDDX packets (around 10 MB) from a file caused errors. 47716


Structure-Related Issues

The following issue with ColdFusion structures has been fixed:

Issue ID
Variables with more than three dot separators in the name were not created properly as nested structures. 45501

Back to Top of Page


ColdFusion Component-Related Issues

The following ColdFusion component (CFC)-related issue has been fixed:

Issue ID

Specifying an empty string for the roles attribute of the cffunction tag for a ColdFusion component generated a stack trace and not a meaningful error message.



Security-Related Issues

The following issues that affect security have been fixed:

Issue ID
Users logging in multiple times using the cflogin tag might have encountered incorrect role assignments. 46672
The ColdFusion Service Factory class could be instantiated in CFML and used to get to a Security service. 47545
If you use Apache 2.0 as your web server, ColdFusion page source code could be displayed under certain circumstances if the JRun J2EE server that is built into ColdFusion MX Server stops working. 48982

Back to Top of Page


Web Server Connector-Related Issues


The following JRun-specific issues have been fixed:

Under some conditions, JRun could erroneously create a directory when a JSP page was requested. 47239
If a web server and JRun were on the same computer, and the Connector Wizard was run against a cluster, all the servers in the cluster were added using localhost:proxyport instead of IP:proxyport as appropriate. 44777
Setting verbose=false (default) in the jrun.ini file did not stop output and failure logging to the JRun connector logs when using the IIS/ISAPI filter. 46733


The following Apache-specific issues have been fixed:

ColdFusion MX did not work with Apache 2.0.40 - 2.0.43.
The Updater 3 Apache 2.x connector requires 2.0.43 or later. The Updater 2 connector required 2.0.41 through 2.0.43, and Updater 1 worked with 2.0.40. For information on updating Apache before installing the Updater, see Installing the Update with Apache Web Server.

ColdFusion MX with Updater 2 works with Apache 1.3, but requires the latest minor release, 1.3.27.

the cfchart tag did not work correctly with Apache 2.0 if the first servlet mapping was for cfchart. 46774
The configuration setting modifications to Apache config files were not placed before the VirtualHosts section. 44649
The wsconfig web server configuration did not work correctly with Apache StrongHold. 46689
If two servlet mappings differed only by a trailing slash, Apache server wouldn't start properly. 46691


The following IIS-specific issues have been fixed:

Under some heavy load conditions, the IIS connector DLL might have produced an access violation with very large headers or URLs. This could make the server appear unresponsive. 45900
Under certain conditions, a heap overflow condition could occur with the IIS connector. 46706
If more than 18 websites were configured in IIS, the web server configuration tool listed only 18. The new limit is 2048. 46300

Back to Top of Page


The following general connector fixes and improvements have been made:

On some combinations of web servers and operating systems, including Netscape or iPlanet 4.1 on Solaris, ColdFusion does not retrieve some request headers, including the SERVER_SOFTWARE, HTTP_ACCEPT_LANGUAGE, and HTTP_USER_AGENT CGI variables. One result of this problem is that ColdFusion cannot determine the user's browser, and ColdFusion MX assumes a Netscape browser, which affects the rendering of Java applets-based CFML tags: cftree, cfslider, cfgrid, and cftextinput. 47741
A potential log file and .ini file disclosure issue has been fixed. 46562
The remove_ALL_connectors batch program didn't work properly. 46213
A new switch has been added to the wsconfig web server configuration tool. You can now use the -upgrade switch to upgrade web server connectors.

The following syntax upgrades all configured connectors.

In Windows:
cf_root\runtime\jre\bin\java -jar wsconfig.jar -upgrade -coldfusion -v

cf_root/jre/bin/java -jar wsconfig.jar -upgrade -v -coldfusion

The Updater automatically runs this command to upgrade the web server connectors when you install an update.

You can also upgrade a single website by using the following syntax.

In Windows:
cf_root\runtime\jre\bin\java -jar wsconfig.jar -upgrade <iis|apache|nes|iplanet|zeus> -dir <path> | -ws <site> -coldfusion [-v]

cf_root/jre/bin/java -jar wsconfig.jar -upgrade -coldfusion <iis|apache|nes|iplanet|zeus> -dir <path> | -ws <site> -coldfusion [-v]

The command specifies the web server type to upgrade and the server configuration directory path (for Apache, Netscape, iPlanet, or Zeus servers, or the server site for IIS. The optional -v switch produces expanded (verbose) output from the wsconfig tool.


Back to Top of Page


Runtime and Debugging-Related Issues

The issues with the ColdFusion runtime and debugging information have been fixed:

Issue ID
A potential cross-site scripting vulnerability existed in a handler module. 46113
A malformed mail file could cause the mail service to fail to start. 46502
Client variables stored using the clientStorage="Cookie" option did not work correctly if the case of the application name specified in the cfapplication tag was not correct. 46656
The DateDiff() function was not compatible with ColdFusion 5. 47153
Strings suffixed with “D”, “d”, “F”, or “f” would erroneously evaluate as numeric values. 47453
The word “undelivered” used as part of filenames for messages written to the \undelivr folder for undelivered e-mail was misspelled, “undelievered”. 45981
Messages written to the \undelivr folder for undelivered e-mail could have multiple “undelivered_” strings at the start of the filename. 45980
ColdFusion MX did not attempt to resend undeliverable mail that was manually moved back to the mail spool directory. 45979
The debug output did not list the variables for a scope in alphabetic order. 45754
When using the NTAuth class to authenticate against a domain, ColdFusion MX hung if the domain was not available or if you specified an incorrect domain.

Back to Top of Page


Internationalization-Related Issues

The following internationalization-related issues have been fixed:

Issue ID
Multipart/form-data was not correctly controlled by the SetEncoding() function. This function has the form: SetEncoding("form", "UTF-8"). 44878
ColdFusion MX debugging information did not properly display double-byte string form values if the form page’s charset was not UTF-8. 46820
The CFFILE tag did not upload files if their names used double-byte characters. 45673
ColdFusion MX ODBC Agent and Server services did not use the native OS Code Page on Japanese Windows systems. To correct this issue, the Updater automatically runs the cf_root\db\slserver52\admin\setcp.bat command file. 46048

Back to Top of Page
Part 1 -- Known Issues and Installation Instructions
Part 2 -- Issues Fixed in this Updater Release
Part 4 -- Installed Files, Uninstalling, and Installing the Update Silently