Lucee.org Developer Forum Download Changelogs Release Notes Docker Documentation Github Bug Tracker Support Lucee Development

Lucee Server Changelogs - 5.4

Lucee Releases: 7.0   7.0.0.395  6.2   6.2.3.35  6.1   6.1.2.47  6.0   6.0.4.10  5.4   5.4.8.2  5.3     5.2     5.1     5.0     4.5    
LDEV-5584 Bug Lucee generates malformed cookie Expires attribute
cookies
5.4.8.2, 6.1.2.36, 6.2.2.9
LDEV-4314 Bug cookies expires timestamps are in UTC not GMT
acf-compat cookies
5.4.8.2, 6.2.2.9
LDEV-5527 Bug Ignore upgrade to 7 when not supported (5.4, 6.2) due to older loader version
loader
5.4.8.1
LDEV-5589 Bug installing extensions by LUCEE_EXTENSIONS doesn't pass coreVersion
extensions
5.4.8.0, 6.0.4.25, 6.1.2.39, 6.2.2.12
LDEV-5409 Epic 5.4.7 LTS Release, Tomcat 9.0.102 and Java 11.0.26-4 5.4.7.2
LDEV-4952 Enhancement update bundled cacerts march 2025
cacerts
5.4.7.2
LDEV-4905 Bug Lucee's class loader causing locking issues 5.4.7.1, 6.1.1.10
LDEV-4879 Enhancement Add LTS banner to 5.4 overview page
admin
5.4.6.9
LDEV-4847 Enhancement Unnecessary Runtime.exec call in getMode
performance
5.4.6.7, 6.0.2.41
LDEV-4414 Bug ObjectEquals false positive on array of arrays
Decision acf-compat
5.4.6.6, 6.0.2.40
LDEV-4873 Task Support for Defining Lucee Version via Environment Variable or System Property
Deployment
5.4.6.3, 6.0.2.35, 6.1.0.166
LDEV-4839 Enhancement update commons-compress to 1.26.1, commons-io to 2.16.1
java security
5.4.6.0, 6.0.2.25
LDEV-4649 Bug StorageScopeCache tokens map allowed to grow unbounded, creating memory leak
controller memory performance
5.4.5.27, 6.0.2.14
LDEV-4827 Bug Float/real values in SQL Server broken due to LDEV-4780
mssql
5.4.5.26, 6.0.2.14
LDEV-4832 Task reflect user-agent in cfid
cookies sessionmanagement
5.4.5.25, 6.0.2.9
LDEV-4817 Bug Server.cfc breaks cfimport
cfimport
5.4.5.22, 6.0.1.81
LDEV-4804 Task add functions SystemExitHas, SystemExitScan and SystemExitClean (experimental) 5.4.5.17, 6.0.1.73
LDEV-4804 Task add functions SystemExitHas, SystemExitScan and SystemExitClean (experimental) 5.4.5.17, 6.0.1.73
LDEV-4796 Bug ConfigImport sessionstorage does not work when cache get defined at the same time. 5.4.5.15
LDEV-4796 Bug ConfigImport sessionstorage does not work when cache get defined at the same time. 5.4.5.15
LDEV-4795 Bug NPE when Log resource appender has no grand parent directory 5.4.5.14, 6.0.1.72
LDEV-4155 Enhancement replaceNoCase not working with certain non ascii strings
strings
5.4.5.13, 6.0.1.70
LDEV-2446 Bug Default Lucee error page doesn't respect whitespace in tag context code output
error
5.4.5.12, 6.0.1.68
LDEV-4785 Bug Intermittent Failure of Elvis Operator Due to Concurrent Variable Modification
elvis
5.4.5.11, 6.0.1.62
LDEV-4786 Bug Lucee Logs: WARNING: expected resource not found: /META-INF/javamail.default.address.map
smtp
5.4.5.10, 6.0.1.61
LDEV-4780 Bug float to string as scientific notation 5.4.5.6, 6.0.1.57
LDEV-4777 Bug Resolve JSch Algorithm Negotiation Failure for SFTP Connections
ftp jsch
5.4.5.4, 6.0.1.53
LDEV-4767 Enhancement improve logger name with JsonLayout
logging
5.4.5.2, 6.1.0.12
LDEV-1868 Bug Classic Application Context does not Accept Aliases of mailServers
smtp
5.4.5.2, 6.0.0.567
LDEV-4765 Bug query column full null support with elvis
Null elvis query
5.4.4.40, 6.0.1.43
LDEV-4752 Task JsonAppender message as Json 5.4.4.34, 6.0.1.27
LDEV-4751 Task add main logger support 5.4.4.33, 6.0.1.25
LDEV-4739 Bug Mapping Classloader: creates duplicate classes when limit is reached
memory
5.4.4.32
LDEV-4742 Enhancement Add CGI.CFID
cgi
5.4.4.29, 6.0.1.15
LDEV-4746 Bug recheck mappings periodically 5.4.4.28, 6.0.1.18
LDEV-4741 Bug S3 installtion issue with cflog tag 5.4.4.25, 6.0.1.14
LDEV-4732 Task add attribute "throwonError" to cfflush
cfflush cfheader throwOnError
5.4.4.23, 6.0.1.6
LDEV-4728 Bug try to recover from classloading issue 5.4.4.21, 6.0.1.1
LDEV-3707 Bug URLSessionFormat() function does not work when using JEE/J2EE sessions when a client does not accept cookies
java sessions syntax
5.4.4.15, 6.0.0.580
LDEV-4718 Task filter out S3 secrets
exception s3 security
5.4.4.11, 6.0.0.573
LDEV-4712 Bug UDF cachedwithin ignore default values 5.4.4.9, 6.0.0.566
LDEV-4707 Bug S3GeneratePresignedURL differs from cfaws implementation
s3
5.4.4.8, 6.0.0.565, S3 2.0.1.15
LDEV-4701 Bug NullPointerException / race conditions in DataSourceSupport and JavaSettingsImpl
NPE datasource
5.4.4.2, 6.0.0.551
LDEV-4699 Bug update commons-compress to 1.24.0 due to tar related CVE-2023-42503
java security
5.4.4.1, 6.0.0.549
LDEV-4693 Bug Integer BigDecimal values are converted to strings with trailing 0s
query regression
5.4.4.0
LDEV-4678 Epic 5.4.3 regressions 5.4.3.11
LDEV-4678 Epic 5.4.3 regressions 5.4.3.11
LDEV-4691 Bug 5.4.3.2 QofQ rounds decimal column type to integer when joining
QoQ regression
5.4.3.10, 6.0.0.542
LDEV-4690 Bug admin: login prompt for every request 5.4.3.9
LDEV-4675 Bug admin Error: requested action doesn't exist
admin regression
5.4.3.4, 5.4.3.7
LDEV-4679 Bug regression: rest header args ignore argument name
rest
5.3.12.2, 5.4.3.5
LDEV-3854 Bug Performance/page spool lock contention
performance reg538 regression
5.4.3.5, 6.0.0.535
LDEV-4676 Bug SerializeJSON() produces invalid JSON when serializing some CFC instances
json regression
5.4.3.4, 6.0.0.533
LDEV-4672 Bug cfadmin-surveillance NPE 5.4.3.3, 6.0.0.530, 6.0.1.63
LDEV-4671 Bug Admin should show update me notifications when there is an update in the stable release for extensions page
admin extensions
5.3.12.1, 5.4.3.2
LDEV-4669 Bug loglevel is ignored in application log directives
logging
5.3.12.0, 5.4.3.2, 6.0.0.526
LDEV-4634 Bug NPE with clone headers
NPE
5.4.3.2, 6.0.0.528
LDEV-3355 Bug internal calls to the update provider need (shorter) timeouts
offline updates
5.3.9.62, 5.4.3.0, 6.0.0.151
LDEV-3110 Enhancement allow toggling XML External Entity support for XmlParse, isXml
xml
5.4.2.20, 6.0.0.523
LDEV-4653 Bug The key [OTHERVERSIONS] does not exist
admin
5.3.11.7, 5.4.2.19, 6.0.0.521
LDEV-4644 Enhancement only show admin updates notifications for the same major version
admin updates
5.3.11.1, 5.3.11.6, 5.4.2.12, 5.4.2.18, 6.0.0.518, 6.0.0.520, 6.2.1.95
LDEV-2692 Bug scheduled tasks list in admin doesn't show the start time for daily, weekly or monthly tasks
Scheduler admin patchReady
5.4.2.16, 6.0.0.73
LDEV-4645 Bug CHAR type in cfprocparam passes empty string as NULL
cfprocparam
5.4.2.13, 6.0.0.517
LDEV-4644 Enhancement only show admin updates notifications for the same major version
admin updates
5.3.11.1, 5.3.11.6, 5.4.2.12, 5.4.2.18, 6.0.0.518, 6.0.0.520, 6.2.1.95
LDEV-4348 Enhancement add xmlFeatures to getApplicationSettings
xml
5.3.11.2, 5.3.8.236, 5.3.9.172, 5.4.2.11, 6.0.0.516
LDEV-3451 Enhancement Disable XML entities by default against XXE in Lucee 6.0 & 5.4
Lucee6 breaking-change security xml
5.3.11.2, 5.3.11.5, 5.3.8.236, 5.3.9.172, 5.4.2.11, 5.4.2.17, 6.0.0.516, 6.0.0.519
LDEV-3889 Enhancement show changelog on admin update page
admin updates
5.3.10.137, 5.4.2.9, 6.0.0.513
LDEV-4640 Bug Lucee server config: errors in logs when server xml missing "update" element 5.4.2.8, 6.0.0.512
LDEV-4631 Bug Admin 5.4 is showing false update banner notifications for extensions
admin extensions
5.3.11.1, 5.4.2.7, 6.0.0.518
LDEV-4635 Bug s3 ext setStorage() does nothing for directoryCreate
directory s3
5.4.2.6, 6.0.0.511
LDEV-4178 Bug Support passthru of storage locations for Directory* functions / CFDIRECTORY
aws directory s3 storage
5.4.2.6, 6.0.0.511
LDEV-4087 Bug debug templates are changing the debug log entries
debugging
5.4.2.4, 6.0.0.509
LDEV-4627 Bug Native QoQ exception when column case differs
QoQ
5.4.2.2, 6.0.0.507
LDEV-4628 Enhancement update to zip4j 2.11.5
cfzip
5.4.2.1, 6.0.0.506, Compress 1.0.0.15
LDEV-1867 Bug QoQ over agressively applies column aliases
QofQ
5.4.2.1
LDEV-4610 Enhancement Add requestExclusive param to administrator.updateDatasource() 5.4.2.0, 6.0.0.505
LDEV-4597 Bug NPE in pageSourcePool.clearUnused() 5.4.1.8, 6.0.0.501
LDEV-4616 Bug date parsing regression
date-time regression
5.4.1.6, 6.0.0.500
LDEV-4615 Bug QoQ: data exception: string data, right truncation ; size limit: 1
QoQ regression
5.4.1.5, 6.0.0.499
LDEV-4613 Bug QoQ Regression - incompatible data type in operation
QoQ regression
5.4.1.4, 6.0.0.498
LDEV-4592 Bug Regression in 5.4.0.80 with QoQ and multiple queries: HSQLDB incompatible data type in operation
QoQ regression
5.4.1.4, 6.0.0.498
LDEV-4609 Bug unbundle hibernate from standard distribution 5.4.1
orm security shrink
5.4.1.3
LDEV-4536 Bug update docker images for 6.0 release (debian, java, nginx)
docker security
5.4.1.3
LDEV-4593 Bug Regression with QofQ - $ in column names no longer work
QoQ regression
5.4.1.2, 6.0.0.487
LDEV-2418 Enhancement configurable template cache max pagePool size
performance
5.4.0.82, 6.0.0.423
LDEV-4556 Bug string lucee.runtime.exp.NativeException: lucee.runtime.type.dt.DateTimeImpl; local class incompatible:
regression sessionmanagement
5.4.0.81, 6.0.0.465
LDEV-4540 Bug updating a new mssql driver in the admin doesn't preserve trust arguments
admin mssql
5.4.0.80
LDEV-1856 Bug cfhttp charset is not working
cfhttp charset
5.4.0.79, 6.0.0.457
LDEV-4550 Bug Upgrading to v5.4.0.65 failed due to Felix installation 5.4.0.78, 6.0.0.456
LDEV-4358 Bug Resource leak in DatasourceConnectionPool 5.3.10
datasource reg5310 regression
5.4.0.77
LDEV-4469 Bug Regression: Invalid "member is set to final" error on static property when code changes
regression static
5.4.0.75, 6.0.0.448
LDEV-4530 Bug OSGiUtil cannot load a bundle based on a range
osgi
5.4.0.73, 6.0.0.432
LDEV-4525 Bug mssql can't connect in 5.4, throws the driver couldn't connect - 12.2.0.jre8
build mssql reg54
5.4.0.72, 6.0.0.429
LDEV-4466 Bug OSGI error with memcached driver extension 4.0.0.7-SNAPSHOT
extension memcached osgi reg54
5.4.0.70, 6.0.0.427, Memcached 4.0.0.10
LDEV-4526 Enhancement build: fail when a configured service is not available (service / java )
build
5.4.0.69, 6.0.0.426
LDEV-4461 Bug Using named arguments in entityLoadByPK call results in java.lang.NoSuchMethodError
ORM
5.4.0.67, 6.0.0.425
LDEV-1526 Enhancement update HyperSQL 2.7.2 (HSQLDB) for QoQ (CVE)
QofQ datasource hsqldb java security
5.4.0.66, 6.0.0.419
LDEV-4502 Enhancement add jsonLayout log appender
json logging
5.4.0.63, 6.0.0.405
LDEV-3765 Bug Replace via a struct inserts gibberish when struct keys not found in text
regression strings
5.4.0.62, 6.0.0.412
LDEV-4342 Bug Lucee 6 Admin Services - update the default cache connection didn't work
Admin cache lucee6 regression
5.3.10.143, 5.4.0.60, 6.0.0.438
LDEV-4497 Enhancement update bundled cacerts to jdk-11.0.19.7
cacerts java
5.3.10.142, 5.4.0.59, 6.0.0.403
LDEV-4492 Bug After using the admin it can happen, that the language resource is not properly loaded 5.3.10.140, 5.4.0.56
LDEV-4477 Bug remove xmpcore from lucee core
java security shrink
5.4.0.54, 6.0.0.391
LDEV-4120 Enhancement remove old stax and css2 jars
java shrink
5.4.0.53, 6.0.0.396
LDEV-4485 Bug configImport needs to understand datasource allowedselect etc
cfconfig
5.3.10.139, 5.4.0.51
LDEV-4471 Enhancement update mysql to 8.0.33
JDBC mysql security
5.3.10.138, 5.4.0.50, 6.0.0.389
LDEV-4470 Enhancement update postgres jdbc to 42.6.0
JDBC postgres security
5.3.10.138, 5.4.0.50, 6.0.0.389
LDEV-4452 Task migrate build to use Maven Artifact Resolver Ant Tasks instead of Maven Ant Tasks
build
5.3.10.138, 5.4.0.50, 6.0.0.390
LDEV-4237 Bug Regression - this.blockedextforfileupload doesn't works for the file upload
file regression uploads
5.3.10.137, 5.4.0.49, 6.0.0.380
LDEV-4448 Bug Cannot cast String [352.] to a value of type [numeric]
numeric
5.4.0.47, 6.0.0.368
LDEV-4229 Enhancement QueryParam missing exception should include the SQL
exception query queryparam
5.3.10.133, 5.4.0.45, 6.0.0.367
LDEV-4219 Enhancement add charset, failto, replyto details to Mail listener arguments
listeners mail
5.3.10.132, 5.4.0.44, 6.0.0.276
LDEV-4416 Bug NPE on CallStackGet() with 5.3
NPE
5.3.10.131, 5.4.0.43
LDEV-4299 Enhancement switch to jsch fork (mwiede/jsch)
cfftp java sftp
5.4.0.42, 6.0.0.361
LDEV-4315 Bug NPE at lucee.runtime.config.ConfigWebFactory._loadCache(ConfigWebFactory.java :2343)
NPE
5.3.10.128, 5.4.0.39, 6.0.0.341
LDEV-4422 Bug Admin -> Services Cache -> Edit Memcached cache throws error
NPE cache memcached regression
5.3.10.126, 5.4.0.38, 6.0.0.353
LDEV-4405 Bug Regression? Log42j locks causing long running requests
logging performance regression
5.3.10.125, 5.4.0.37, 6.0.0.349
LDEV-4401 Bug Cfpop ignores port attribute
cfpop
5.3.10.123, 5.4.0.35
LDEV-4390 Bug Admin: editing a cache throws exception instead of showing error
admin cache regression
5.3.10.122, 5.4.0.34, 6.0.0.340
LDEV-4394 Enhancement avoid parsing queryparams in commented out sql
query queryparam
5.3.10.121, 5.4.0.33, 6.0.0.339
LDEV-3254 Bug script-queries (queryExecute) throws a syntax error if a SQL comment contains an apostrophe / single-quote
query
5.3.10.121, 5.4.0.33, 6.0.0.339
LDEV-2754 Bug Query Params are not Resolved When Comment has Apostrophe
queryparam
5.3.10.121, 5.4.0.33, 6.0.0.339
LDEV-1740 Bug SQL Comment is disabling further parameters
QueryExecute Velvet
5.3.10.121, 5.4.0.33, 6.0.0.339
LDEV-4381 Bug admin: "column name [otherVersions] already exist;lucee.runtime.exp.DatabaseException: column name [otherVersions] already exist
admin
5.3.10.120, 5.4.0.32, 6.0.0.334
LDEV-4368 Bug Improve placeholder handling for config
config
5.3.10.118, 5.4.0.30, 6.0.0.331
LDEV-4363 Bug CFParam treats a default value of "NULL" as a null value
acf-compat bug
5.4.0.28, 6.0.0.329
LDEV-3720 Enhancement Log trace of cflocation and allow option to Abort
cflocation logging
5.3.10.116, 5.3.8.204, 5.4.0.27, 6.0.0.114
LDEV-2871 Enhancement When there aren't any debugging logs, show debugging status
admin debugging
5.3.10.114, 5.4.0.25
LDEV-2900 Bug adding to cookie scope doesn't inherit application cfcookie tag defaults
cookies regression sameSite scope
5.3.10.113, 5.4.0.24, 6.0.0.326
LDEV-4338 Bug Admin - (Services - Cache) creating cache throws the error
Admin cache
5.3.10.111, 5.4.0.22
LDEV-4306 Bug SetLocale(“English (UK)") does not set United Kingdom locale. 5.3.10.102, 5.3.10.136, 5.4.0.12, 6.0.0.310, 6.0.0.372
LDEV-4307 Bug ConfigImport extremely slow
config performance
5.3.10.101, 5.3.10.104, 5.4.0.10
LDEV-4192 Bug NPE in FTPService with connection timeout when stoponerror is false
NPE cfftp ftp
5.4.0.7
LDEV-4297 Bug NPE lucee.runtime.config.ConfigWebUtil.loadAddionalConfig(ConfigWebUtil.ja va:783)
NPE
5.3.10.99, 5.4.0.6
LDEV-4261 Bug build must always display Caused by: sections of java stacktraces
build tests
5.3.10.98, 5.4.0.5, 6.0.0.288
LDEV-4294 Enhancement Update s3 to v2 for Lucee 5.4
s3
5.4.0.4, S3 2.0.0.96
LDEV-4281 Bug update httpclient to 4.5.13 due to CVE
cfhttp java redis security
5.4.0.3, Redis 3.0.0.47, S3 2.0.0.96
LDEV-4293 Enhancement Update image extension to v2 for Lucee 5.4
Image
5.4.0.2-SNAPSHOT, Image 2.0.0.17
LDEV-4280 Bug update metadata-extractor in image extension to 2.18.0 due to CVE
Image java security
5.4.0.2-SNAPSHOT, Image 2.0.0.17
LDEV-4284 Task Update apache tika to 1.28.4
java security tika
5.4.0.0-SNAPSHOT, 6.0.0.305

Last Updated: 02-Dec-2025 04:24:12