If you have some older code and you run ColdFusion 2016 and you use CFLOOP with a list and you have CFOUTPUT placed outside the loop than the code fails. I think this is very common.

Fails:

<cfoutput>
<cfloop list="test1,test2,test3,test4,test5" index="index" item="item">
	#invoke('mycomp', 'myFunction', {index=index,item=item})#<br />
</cfloop>
</cfoutput>

Workaround:

<cfloop list="test1,test2,test3,test4,test5" index="index" item="item">
	<cfoutput>#invoke('mycomp', 'myFunction', {index=index,item=item})#</cfoutput><br />
</cfloop>

Adobe has released ColdFusion 2016 Final some time ago. Well we took some time to give it a try and since 3 days we do not have so much fun.

The most heavy bug I can share is that CF 2016 is failing to execute SQL statements that has comments inside. This happens only with -- comments. I'm not sure if this is limited to Microsoft SQL. It has for sure nothing to do with the Microsoft JDBC driver you are using. See Adobe bugtracker ColdFusion 2016 - Bug 4126398: SQL comments inside CFQuery are not ignored.

Broken:

-- Using a comment after the code on a line.
USE Northwind
GO
UPDATE Products
SET UnitPrice = UnitPrice * .9 -- Try to build market share.
GO

Workaround:

USE Northwind
GO
SELECT * FROM Employees
/* The
GO in this comment causes it to be broken in half */
SELECT * FROM Products
GO

Solution: You can change all your code... (just kidding) or ask support. They have a hotfix with file name chf20160001.jar that works and will be integrated in Updater 1.

If you run ColdFusion 10 tag with an SSL URL and you receive an error message I/O Exception: hostname in certificate didn't match: != OR OR it may be possible that you have tried to connect to a SSL server that is using Server Name Indication (SNI). With SNI there can be several independend SSL certificates installed on the same ip address. If you cannot change the remote server to run one certificate on one IP you need to install the updater.

SNI is only supported in ColdFusion 10 from Updater 18 or later.

• CFHTTP does not work with SNI enabled SSL

You are using Simpana 10 Exchange Mailbox archiving (not the previous Exchange Mailbox Archiver) in CommVault and you may have seen that your OnePass-Stubs have broken recall links in Quick Look. This is only visible in Outlook Web Access or on mobile. If you click the Quick Look link inside an e-mail you are redirected to https://webconsole/webconsole/RestServlet/Recall. Let me note that this is excactly the link that your users will see. Your global Recall Service URL configued for the archiver host is ignored.

Symptom:

• Recall Service is configured with hostname that contains "webconsole" in the hostname e.g. https://webconsole.example.com
• All Quick Look links in e-mails contain URLs to https://webconsole/webconsole/RestServlet/Recall and your custom hostname is ignored.
• Recalls fail as the hostname cannot resolved to a host.

Solution:

In your Web Console under Reports > eDiscovery Exception Report you are able to create a reports to identify possible issues in the indexing process. 

Bug:

If you try to create such a eDiscovery Exception Report and you click on a search engine you will see a greyed our form with a moving progress circle and after a timeout interval (~20seconds) you get an error message 3011,Search Engine service is down and a note that the CommVault Search Engine may not running. But CommVault Search Engine is up and running fine.

The root cause is that the Commvault Web Server installed on a different machine cannot connect to the CommVault Search Engine as the Windows Firewall is blocking the connection. Commvault missed to add the C:\Program Files\CommVault\Simpana\CIServer\bin\tomcat6.exe executable to the firewall exceptions.

Solution:

If you have installed Commvault Web Console on a Windows Core server you may wonder why you cannot reach the tomcat server on this host. You have for sure configured the firewall with the setup and added the exceptions to the windows firewall, but it is still boarded-up.

Reason:

• Commvault has missed to add the tomcat process to the exception list as the executable is not inside Simpana\Base folder.

Solution:

• Add the exception manually by running the command:
  
  Simpana 10.x:
  netsh advfirewall firewall add rule action=allow dir=in program="C:\Program Files\CommVault\Simpana\Apache\bin\tomcat6.exe" name="CommVault_Process_1_tomcat6 / C:\Program Files\CommVault\Simpana\Apache\bin\tomcat6.exe" enable=yes
  
  Simpana 11.x:
  netsh advfirewall firewall add rule action=allow dir=in program="C:\Program Files\Commvault\ContentStore\Apache\bin\tomcat.exe" name="CommVault_Process_1_tomcat / C:\Program Files\Commvault\ContentStore\Apache\bin\tomcat.exe" enable=yes

History:

I just installed a Web Console on Windows 2012 R2 Core server and learned how insecure this system is out of the box. You may have worked through the Post-Installation Configurations for Web Server and Web Console. This ends with an highly insecure web server configuration. The SSL encryption is sooo weak that I tend to say you can also leave SSL switched off. You can check your server with SSL Server Test. Commvault default with Java 7 will end with the most worse test result of F.

If you are running Commvault Exchange Mailbox Archiver and Public Folder Archiver you may wonder about Install Outlook Add-In - Administrator that suggest some strange ways to deploy the Outlook Add-in. They require you to run EXE command line tools via Logon scripts in a GPO. A horrible bad idea to deploy software... ! Below is the way how you should deploy it to have full controll about all. Do not follow the documentation of Commvault!

This documentation has been written for Windows x64 and this means Windows 7/8/10. An installation on Windows x86 has not been tested, but can be easily adapted.

First of all there are some pre-requirements for this software to run. These are as follows:

For an extended time we are trying to install Windows Updates on our machines, but this always fails with error message Failure configuring Windows Updates. Reverting changes when the system reboots. In case all the update rolling back and you are back to no update installed. This happens typically if you install Windows 2012 Core from DVD and try to install all the available Microsoft hotfixes. After a few months with Microsoft this has been escalated MS internally and they identified coldfusion.exe has an open file handle on TTF font files. It looks like Microsoft does not add the TTFs to pending files for rename list and just replace them on reboot from my point of view.

After lot of digging we found an interfering process that causes an update failure of tahomabd.ttf, see C:\Windows\Logs\CBS\CBS.log on the affected machine:

If you try to connect to an Dell iDRAC Enterprise it may happen that you cannot connect. IE for example shows you the login form, but Google Chrome and Firefox not. This happens because you are redirected to an SSL URL and the OpenSSL used by iDRAC has issues with your browser and fail to establish a TLS 1.2 connection. It looks like this:

Workaround:

• Run Google Chrome with C:\Program Files (x86)\Google\Chrome\Application\chrome --ssl-version-max=tls1.1 and upgrade iDRAC asap.

Solution:

• Upgrade iDRAC to 1.98 or later

Affected systems (only known server types):

• R310
• R510