Blog

CommandBox 5.9.1 Released!

CommandBox, Releases
Brad Wood August 16, 2023

Spread the word

Brad Wood

August 16, 2023

Spread the word

Share your thoughts

Ortus Solutions

We are pleased to announce the general availability of CommandBox 5.9.1. This is a very small release with two changes.

  • Update to Lucee 5.4.3.2
  • Update bundled JRE to 11.0.20+8

Note Lucee 5.4.3.2 contains critical security patches which are outlined here:

https://dev.lucee.org/t/lucee-critical-security-alert-august-15th-2023-cve-2023-38693/12893

The new Lucee version affects the core CLI runtime as well as the default server you get when running "server start" with no cfengine specified.  Possible compatibility issues related to the major bump in Lucee version:

  • This Lucee version does not include Hibernate, so the Ortus Hibernate extension is installed.  We will stop doing this in 6.0
  • This Lucee version has strict XML parsing settings on by default which may affect any servers you start which parse XML containing DTDs.

If you do run into XML errors, this code may help you in your Application.cfc, which allows DTDs, but still disallows XML external entities (XEE).

this.xmlFeatures={
	externalGeneralEntities: false,
	disallowDoctypeDecl: false
};

Release notes

Task

Add Your Comment

Recent Entries

First Round of the Into the Box 2026 Agenda Is Live

First Round of the Into the Box 2026 Agenda Is Live

Into the Box 2026 marks an important moment for the CFML and BoxLang community not just because of what’s on the agenda, but because of what it represents: 20 years of Ortus Solutions helping teams move forward, modernize, and build with confidence.

Victor Campos
Victor Campos
January 21, 2026
BoxLang AI v2: Enterprise AI Development Without the Complexity

BoxLang AI v2: Enterprise AI Development Without the Complexity

One Year. 100+ Features. Unlimited Possibilities.

Just one year ago, in March 2024, we launched BoxLang AI 1.0. Today, we're thrilled to announce BoxLang AI v2—a massive leap forward that positions BoxLang as the most powerful and versatile AI framework on the JVM.

Luis Majano
Luis Majano
January 19, 2026
CommandBox: A Smarter Foundation for BoxLang and CFML Workflows

CommandBox: A Smarter Foundation for BoxLang and CFML Workflows

In day-to-day development, some tools simply do their job… and others quietly change the way you work. CommandBox falls into the second category.

It doesn’t replace your editor, framework, or existing applications. Instead, it becomes the common ground where CFML and BoxLang development meet ,giving teams a consistent, reliable way to build, run, and evolve their projects.

Victor Campos
Victor Campos
January 16, 2026