The following hotfix is available for Appian 18.3.
This is a cumulative hotfix package that includes Hotfix Packages A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, Q, and R as well as new hotfixes in a single download and a set of instructions. This package is required for any Appian 18.3 installations not currently on Hotfix Package S. After installing, you will be running on Appian 18.3 Hotfix Package S.
See the Installation section at the bottom of this page for instructions on how to install this hotfix package.
Resolved Issues
Security Updates - Critical.
AN-149140 - High
For security reasons, the Query Database Smart Service has been updated. Customers cannot run the LOAD DATA LOCAL INFILE command against a MySQL database by default from a Query Database Node in the Process Model. To provide higher security, for Appian Cloud customers, this command was already disabled at the database level for the Appian Cloud database and at the JDBC level for configured MySQL databases. There is no impact or action for Cloud customers. On-premise customers who wish to use this command must set the conf.data.mysql.loaddata.enabled property to "true" and conf.data.load.infile.path property as a comma-separated list of paths to whitelisted directories that contain the files to be loaded. If the required properties are not set, any Process Model using this command will pause by exception at runtime. This command is generally used to periodically load data from files into the database, and so we expect that most customers will not have to take the required action.
AN-149305 - High
JDBC connector configuration property "autoDeserialize" has been set to false for all MySQL database connections, in order to improve security.
AN-137156 - Medium
Fixed an issue in the Interface Designer which prevented Design Mode from loading when using a!groupsByName().
AN-150265 - Low
Updated export function and smart service descriptions to include column limits
Resolved Issues
Security Updates - Medium
AN-148043 - High
When using IE11 in compatibility mode to authenticate to Appian via SAML, an error which prevents sign-in no longer occurs.
AN-147957 - High
Application server performance under high concurrency has been improved.
AN-147763 - High
Fixed an issue with the "not in" operator in a!queryFilter.
AN-146311 - High
A condition that could cause the process execution engines to use abnormally high amounts of CPU has been removed.
AN-145981 - High
An error that could prevent proper shutdown that would prevent upgrading has been prevented.
AN-142514 - High
Fixed an issue that would have been introduced by an upcoming Chrome version, Chrome 80, where embedded users would be unable to login.
AN-148138 - Medium
Fixed issue causing Query Database smart service to pause by exception when its first input is null
AN-146512 - Low
The cleanup script no longer removes archived kdb files when the logs
parameter is specified.
AN-60854 - Low
A 'Report-Only' Content Security Policy header has been added.
Resolved Issues
Security Updates - High
AN-145504 - Critical
For security reasons, the Query DB Node smart service has been updated. Customers running the LOAD DATA INFILE command against a MySQL instance (only applicable to Configured Data Sources; not applicable to the Appian Cloud database) from a Query DB Node in a Process Model must set the conf.data.load.infile.paths custom property as a comma-separated list of file paths to whitelist the required directories. If the property is not set, any Process Model using this command will pause by exception at runtime. This command is generally used to periodically load data from files into the database, and so we expect that most customers will not have to take the required action described here.
AN-146705 - Low
Fixed an issue causing Search Server to break a site that is low on disk space
Resolved Issues
Security Updates - Critical
AN-141281 - High
Fixed an issue where orphan process variables could exist and impact system performance
Resolved Issues
Security Updates - Critical
AN-142283 - Medium
Fixed an issue that caused some record links to break on import if the record type was deleted and then re-imported.
AN-142517 - Low
Scheduled backups for on-premise customers taken with the backup script now include Kafka logs and Zookeeper data
AN-141300 - Low
HTML entered in a post, message, or comment is now rendered as text in Appian emails.
Resolved Issues
Security Updates - High
AN-141232 Critical
The process analytics engine now correctly handles the case where it mistakenly receives multiple copies for a single process variable for the same process from the process execution engines. Previously this could cause a sudden increase in memory used by the analytics engine
Resolved Issues
Security Updates - Critical
AN-139079 - High
An issue that could prevent zookeeper from restarting cleanly in on-premises installations has been resolved.
AN-70284 - Medium
Fixes a variety of internationalization issues with date and time formatting. For the Arabic [ar] locale, hours and seconds are now internationalized correctly, as well as the timezone. For the Arabic [ar], Chinese (Simplified) [zh_CN], Chinese (Traditional) [zh_HK], Japanese [ja], and Swedish [sv] locales, AM and PM will also be properly internationalized.
AN-129916 - Medium
A error in Kafka that could prevent startup has been corrected.
AN-137595 - Medium
Fixed an indexing error that could occur with updates to the analytics engine
AN-138292 - Medium
When running as a Windows service, the service manager process is now more tightly linked to the Windows service, preventing cases where one would be running without the other.
AN-134752 - Low
Added data metrics for SSL certificates
AN-136623 Low
Fixed an issue where duplicate entries were being logged for some exec errors
AN-137640 - Low
Added a new audit log, removed_processes.csv, to track events where a process is deleted or archived off of the system
AN-138326 - Low
Added logging improvements to the engine client.
AN-138674 - Low
Search server startup now waits for 30 seconds before timing out. Enhanced messaging has been added for the waiting period.
Resolved Issues
Security Updates - High
AN-137627 - High
Query database smart service now tolerates MySQL client-side prepared statements and does not fail.
AN-113345 - Medium
Drilling from a process report to individual processes now works correctly.
AN-135140 - Medium
Fixes domain name mismatch on certificate from cloud sites
AN-135990 - Medium
The "version" Process Model property now returns the correct result in Process Reports when the process has undergone In-Flight Modification (IFM).
AN-136782 - Medium
MySQL prepared statements are now correctly closed. Query Database Smart Service will no longer fail because of application reaching the max_prepared_stmt_count value for prepared statements.
AN-136861 - Medium
Side-By-Side Layout item lists no longer cause an error with null or empty string values.
AN-129208 - Low
The start process smart service no longer logs excessive error messages if the user who starts the process does not have permission to see that process.
AN-134946 - Low
Binding an Appian Engine to a port already in use now logs a detailed error message and returns error code 100.
Resolved Issues
a!sortInfo()
but the ascending
parameter is not defined.Resolved Issues
Resolved Issues
Resolved Issues
Security Updates - High
AN-123111 - Medium
Fixed an issue with performance when designing interfaces; the change will especially improve navigation to/from the Performance View and general performance of large interfaces.
AN-128387 - Medium
Connecting to External JMS Brokers is now supported.
AN-127095 - Low
Fixed an issue where recent changes to an interface of a component plugin are not reflected at runtime.
AN-128290 - Low
Fixed an issue that reported an invalid session count for Appian Cloud sites with Trusted IP addresses.
Enhancements
Added a new data metrics log rules.csv
to track information about each individual content engine object: constants, decisions, expression rules, interfaces, query rules, rule folders, and integrations.
Added a new data metrics log tempo_reports.csv
to track the total number of tempo reports in the system, and the number of users and groups on tempo report role maps. Updated the Sites metrics log sites.csv
and Records metrics log records.csv
with 3 new columns to track similar role map information.
The new Slow Plug-in Functions log helps identify plug-in functions that either take a long time to evaluate or return a large result, which may cause system-wide performance issues. See the Logging page for more information on what is included in the log.
The Memory Circuit Breaker now automatically detects when an expression is using too much memory and stops the evaluation before it can cause site-wide performance problems. See the Memory Circuit Breaker page for more information on how to diagnose memory issues and design memory-efficient expressions.
Resolved Issues
Security Updates - Medium
AN-123891 - High
The isusernametaken()
expression function now returns true
when passed a null or empty string as a parameter. This returns behavior to that of versions 18.2 and earlier.
AN-124329 - High
Entity-backed records now correctly handle primary keys of type text that contain pound (#) symbols.
AN-126208 - High
Fixed an issue where group-assigned task forms containing dynamic links did not display correctly in preview mode.
AN-77353 - Medium
Tasks can no longer be submitted via submit link in preview mode prior to acceptance.
AN-118197 - Medium
The performance of saving very large interfaces and decisions has been improved.
AN-122026 - Medium
When running in the high availability configuration, the service manager is now more resilient to temporary network failures as well as failures on startup and shutdown.
AN-122269 - Medium
Should a primary engine fail to successfully checkpoint when shutting down the service manager, the engine will now remain running to allow for subsequent attempts to checkpoint. Should checkpointing continue to fail with no obvious cause, such as lack of disk space, please contact Appian Support.
AN-124302 - Medium
Fixed an issue which prevented Arabic chart labels from displaying on the mobile app.
AN-125925 - Medium
The service manager will now terminate with a descriptive error message if it is unable to allocate a thread rather than run in a potentially unstable state.
AN-125975 - Medium
Messages are now properly logged to the Design Error log (design_errors.csv
). In rare circumstances, some messages would fail to be written to the log prior to this fix.
AN-126449 - Medium
The Kafka component of the service manager has been updated to prevent crashes on Windows due to file contention during deletion operations.
AN-118825 - Low
The timestamp
column is now properly labeled in the logs/data-metrics/engine-client.csv
file.
AN-121597 - Low
The system now better protects against the inadvertent deletion of system objects.
AN-122025 - Low
Tomcat logging will now rotate daily by default on Windows.
AN-123038 - Low
Activity in the interface designer is now logged in the Interface Performance logs as "interface designer" instead of "internal."
AN-123496 - Low
The disk usage by Search Server indexes is now correctly captured in disk_usage.csv file in data metrics.
AN-124416 - Low
Resolved an issue that caused exceptions to be printed in application server logs.
AN-124693 - Low
The Design Errors log now contains the process instance ID for errors encountered in task forms.
AN-123928 - Low
Reduces the logging level from ERROR to INFO when there is a problem writing to the Interface Performance logs.
Enhancements
Resolved Issues
Security Updates - Medium
AN-121976 - High
Customers will no longer see the “Invalid Type” error when a package containing the referenced data type is inspected while processes are running.
AN-122213 - High
Fixed an issue that prevented autofill of forms in Google Chrome.
AN-122742 - High
Parsing very large expressions now uses significantly less memory.
AN-120854 - Medium
The stability and reliability of the connection between the application server and the service manager/engines has been significantly improved, resulting in quicker failover in failure scenarios for Appian installations using the high availability configuration.
AN-122350 - Medium
On non-HA configurations only, the service manager will now wait longer for engines to respond to heartbeat requests before determining that the engine is no longer available. This allows for long transactions to complete more reliably on sites experiencing extreme load.
AN-122923 - Medium
Memory usage has been reduced for large interfaces as well as expressions using the reduce()
function.
AN-123021 - Medium
Record lists using multiple sort fields will now export correctly and use the first sort in the list, when exporting up to 1,000 rows. For larger exports, the record's primary key will always be used.
AN-123225 - Medium
Fixed an issue that prevented configuring XA datasources
AN-113640 - Low
Administrators no longer need to run the configure script when deploying hotfixes.
AN-120664 - Low
Fixed an issue that prevented chart reference line labels from displaying.
AN-121769 - Low
The process model metrics log models.csv
now records an additional 4 columns to track the number of users and groups on process model role maps.
AN-1224791 - Low
The folder breadcrumbs no longer display the "Not in Application" tooltip when the designer is in the Objects view.
AN-122572 - Low
User filters and search boxes in Appian Designer no longer cause an error when a space character is entered.
AN-122660 - Low
Resolved an issue that caused exceptions to be printed in application server logs on startup.
AN-122863 - Low
Selecting a date in the Created To filter while viewing the Versions dialog for a process model no longer causes an error dialog.
AN-123568 - Low
Reports are now logged correctly in the Interface Performance logs when accessed using a!reportLink()
.
Resolved Issues
Security Updates - High
AN-120819 - Critical
Fixes an issue where, in rare circumstances, Appian data store entries intended to be transient could accumulate indefinitely, using more and more disk space.
AN-117460 - High
Users can now save mobile notification settings in all supported locales.
AN-122227 - High
Fixed an issue that prevented application server startup when static or dynamic content domains were not configured.
AN-109387 - Medium
The Document Viewer component now correctly displays, downloads, or prints documents even after they have been on the screen for an extended period of time.
AN-117598 - Medium
Fixed an issue where values were cleared unexpectedly from the change password page.
AN-118230 - Medium
During a failover event, the service manager now coordinates the failover to the new primary engine more quickly and accurately.
AN-119335 - Medium
Appian will now perform TLS hostname verification when acting as a JMS client. JMS broker servers must have valid certificates when connecting over TLS.
AN-119731 - Medium
A rollback in the personalization engine has been prevented.
AN-119769 - Medium
When using the Arabic locale and entering integers in Western numerals, separators are now interpreted correctly and a validation is shown when entering a decimal value.
AN-120688 - Medium
The sub_process_ids()
function no longer returns an empty value. This restores behavior to that of version 18.1 and earlier.
AN-120897 - Medium
Importing a child group no longer results in an insufficient permissions error when the designer is inheriting Administrator permissions to the child from the parent group.
AN-121978 - Medium
Fixed an issue with searching for long numbers in record lists.
AN-117851 - Low
Validation for the static and dynamic URLs now supports an additional property to handle sites using an internal/custom top-level domain.
AN-119375 - Low
Added additional logs to help Appian troubleshoot export issues in the future.
AN-119899 - Low
Improved performance of the global objects view.
AN-120795 - Low
Fixed an issue that prevented quoted JNDI names from being parsed.
AN-121069 - Low
The number of data server transactions replayed from Kafka logs on startup is no longer restricted.
AN-121183 - Low
Fixes an issue in the Security Summary that prevented designers from paging through more than 100 sections of objects
AN-119671 - Low
Start form evaluations are now correctly captured in the SAIL details and summary logs
AN-121808 - Low
The public API setTaskDisplayName
now updates the task display name in all locations, including the Tasks tab in Tempo.
AN-121965 - Low
Added additional logs to help Appian troubleshoot export issues in the future.
AN-122302 - Low
Fixed a misleading log message about DataSource password decoding.
Resolved Issues
Security Update - High
AN-116859 - Critical
Fixed an issue that prevented sites from being deleted properly after the "Show Tempo Link" configuration had been changed.
AN-117561 Critical
After rebuilding the analytics engine, sub-processes are correctly associated with their parent process. This restores behavior to be consistent with 18.3 Hotfix Package B and before.
AN-116041 - High
Tasks that are assigned to groups will now appear in user's task lists. This returns behavior to that of 18.3 Hotfix Package B and earlier.
AN-117530 - High
An opportunity for transaction replay error in the process engines has been removed.
AN-117843 - High
The connectionCollation in data source properties has been set to utf8mb4_unicode_ci . The customers will no longer see the “illegal mix of collations” error from MySQL using JDBC driver version 5.1.47 when the character encoding is specified as UTF-8 and the default collation is used by MySQL.
AN-117898 - High
The reliability of the Kafka sub-component of the Service Manager has been improved under failover conditions.
AN-118255 - High
Completing a related action after navigating to the record from a record tag no longer throws an error.
AN-109001 - Medium
Fixed an issue that prevented users in Sites from correctly navigating back to the original form after submitting a start process link if the user had interacted with a web content field.
AN-112928 - Medium
Data type information has been correctly migrated to prevent the possibility of temporary unavailability and incorrect behavior due to the addition of execution engines.
AN-113269 - Medium
Loading interfaces containing start process links when in stateless mode no longer results in an error.
AN-113737 - Medium
Fixed an issue that prevented some Quick Apps Data Sources from being used after migrating to Appian 18.3.
AN-114819 - Medium
Fixed an issue that prevented the group function from recognizing known Group properties.
AN-115460 - Medium
Fixed an issue that prevented site pages from being deleted properly.
AN-115819 - Medium
Startup validation for the static and dynamic domain properties has been updated.
AN-115971 - Medium
The performance of the Content engine has been improved for users who are members or administrators of thousands of groups.
AN-117006 - Medium
When a designer is editing a record type, other designers who open the same record in the Record Type Designer are now notified that the record type is being edited by another designer instead of receiving an error dialog.
AN-117020 - Medium
Parent folders can now be opened from the precedents dialog for expression rules and interfaces.
AN-117178 - Medium
Export Record to Excel now works fine when used in combination with the a!isNativePhone() and the a!isNativeTablet() functions.
AN-117256 - Medium
Fixed an issue that duplicated the data source configuration for Cloud sites running 18.3 or above.
AN-117403 - Medium
Process model administrators can now accept or reassign tasks.
AN-118042 - Medium
Fixed an issue that removed the @Table annotation from any CDT containing a field of type Document upon importing within an Appian patch.
AN-118384 - Medium
Fixed an issue that prevented custom links from appearing on Cloud login pages.
AN-118796 - Medium
After skipping the password expiration warning, users are not correctly directed to their start page.
AN-114186 - Low
In the Missing Precedents dialog, links to the folders and groups that reference a missing object will now open a new tab and load the corresponding folder or group.
AN-115154 - Low
Fixed an issue where expression search results incorrectly displayed older versions of an evolved system rule, even though the latest version of the rule was referenced across all the objects in the application.
AN-115209 - Low
A situation where an execution engine would not promote itself to PRIMARY
status after recovering from rare error conditions has been resolved. This error did not affect high-availability sites.
AN-115391 - Low
The process analytics engines will be automatically rebuilt from the data in the execution engines when this hotfix is applied.
AN-115555 - Low
Record lists with the export to excel button enabled no longer evaluate user filter and default filter expressions multiple times when loading the list.
AN-115968 - Low
Updated default application server heap maximum allocation from 2048m to 4096m.
AN-117145 - Low
A spurious error message written to the service_manager.log
file during startup has been removed.
AN-117424 - Low
Fixed an issue where process reports, when returned from an expression search, incorrectly displayed older versions of an evolved system rule, even though the latest version of the rule was referenced by the process report.
AN-117680 - Low
Fixes an issue in the Security Summary that prevented designers from paging through more than 50 sections of objects
AN-117965 - Low
The columns in the sail_summary and sail_details logs that count the number of stateless and stateful evaluations now show the correct values.
AN-117833 - Low
Duplicate heap configurations in custom.properties no longer prevent application server startup.
AN-117840 - Low
The default location of the search index for the Tempo News search and search server indices is now "
AN-118416 - Low
Fixes an issue where loading or interacting with a record view did not always get recorded in the Interface Performance Details log (sail_details.csv).
AN-118581 - Low
Prevents a potential race condition that can occur during application server startup.
AN-119505 - Low
Starting data server in a clean state now wipes version history data making startup process more robust.
Resolved Issues
Security Update - Critical
AN-115299 - High
Fixed a bug in IE11 where designers couldn't create Integrations from the Call Integration node in the Process Modeler due to an unpopulated Integration Type dropdown.
AN-110671 - Medium
Incremental updates from the process execution engines to the process analytics engines are now more resistant to some kinds of failure. Previously, resetting the analytics engine was required after encountering the error condition.
AN-113114 - Medium - Nested start process links launched from related action forms correctly return to the previous screen after submission.
AN-114819 - Medium
Fixed an issue that prevented the group function from recognizing known Group properties.
AN-115051 - Medium
System administrators can accept or reassign tasks that are assigned to other users, or navigate back from the task to the tasks list.
AN-110631 - Low
Startup of the process execution engines while resetting process analytics engines is now more reliable on sites using the high availability configuration. Prior to this fix, process execution engines may get "stuck" in a starting state and the message remaining ids to propagate: null
would be logged. The workaround for this issue was to restart the process execution engines that were referenced in these log messages.
AN-111734 - Low
System Administrators who are not also in the Designer role no longer see an error when accessing the Administration Console.
AN-114579 - Low
A new public API getObjectsBytype
replaces a previous API of the same name, which is now deprecated. The previous method required passing a private class as an argument (com.appiancorp.ix.Type
); the new method uses classes available in the Public API.
AN-115241 - Low
The Doc Viewer component now uses UTF-8 encoding to display documents with international character sets.
AN-112959 - Low
Reduces the amount of data logged in some scenarios in order to use less disk space.
Enhancements
A proper error message is now logged when the service manager fails to start due to invalid configurations.
Improved performance of the global objects view by not loading objects in this view unless a search is performed or/and a filter is applied.
Resolved Issues
Security Updates - Critical
AN-112967 - Medium
Process analytics reports for users who are members of a large number of groups (> 5,000) now execute faster.
AN-114812 - High
Fixed an issue which prevented inputs in the Call Integration smart service from appearing after migrating from 17.4 to 18.2+.
AN-114814 - High
Fixed an issue where mobile push notifications were displaying as turned off when they were actually turned on.
AN-96390 - Medium
When running the service manager stop script, Zookeeper and Kafka can now be stopped independently of the engines by specifying them in the new -s
or --services
parameter.
AN-108503 - Medium
The service managers now shuts down more reliably when a transaction error occurs after the stop script has been executed.
AN-110220 - Medium
Rows to Display Per Page can now be configured to any value between 1 and 100 when using the grid-style list on record types.
AN-110970 - Medium
Card layouts configured with links now execute links correctly when the card contains an image or billboard.
AN-113188 - Medium
File upload components in grids now display maximum file size validations.
AN-113321 - Medium
Process reports that filter on a list of process ids no longer result in an error if one of those process ids is invalid.
AN-113561 - Medium
Fixed an issue that prevented the document viewer component from rendering properly in Firefox.
AN-113933 - Medium
Tempo users who launch a start process link from a record list now return to the record list after completing all chained forms in that process.
AN-114074, AN-114857 - Medium
Environments with a very large number of groups now use less memory.
AN-114770 - Medium
Site logos now render correctly when defined by expression.
AN-112734 - Low
A small memory optimization has been implemented in the way the data types are stored and retrieved.
AN-113390 - Low
Fixed an issue with incorrect text being displayed in the Appian Authentication page of the Admin Console.
AN-114310 - Low
The system will now more reliably find the path to the appian-topology.xml
file on Windows.
Resolved Issues
Security updates - Low
AN-109613 - High
Fixed an issue where some local variables were reusing values of local variables defined in different parts of an object.
AN-109954 - High
Large number of emails in the notifications email engine will no longer cause the engine to lock up when it tries to send them.
AN-111731 - High
Data type information is now correctly propagated to the newly added process execution engines. This fix prevents the possibility of temporary unavailability and incorrect behavior after adding additional execution engines.
AN-112823 - High
Fixed a backwards compatibility issue with the Call Web Service node. Once again, the desired connection port is being specified by the host header.
AN-113146 - High
Process events, like messages, on execution engines above execution15 no longer result in hanging processes under high load.
AN-111163 - Medium
Fixed an issue that prevented users from interacting with a document in the document viewer component after accepting a task.
AN-111313 - Medium
Fixed an issue with exporting a record type with a related action name or description configured using a rule. Records like this now import correctly in environments where the rule already exists and has been renamed.
AN-111520 - Medium
Fixed an issue when duplicating an interface wasn't duplicating the default test inputs.
AN-111994 - Medium
Groups no longer fail to import due to missing member groups
AN-112007 - Medium
Email address validation for users now accepts all top level domains registered as of March 2018.
AN-112135 - Medium
Fixed an issue that prevented the runtime execution of integrations with custom error messages that referenced rule inputs
AN-112988 - Medium
The loading bar now renders correctly when chaining through forms launched via a start process link.
AN-112233 - Low
The document viewer component is no longer replaced by white space when dragged and dropped in its original location in the Interface Designer.
Perform the following steps to apply the hotfix:
<APPIAN_HOME>
directory.
<APPIAN_HOME>
directory.<APPIAN_HOME>
directory.<APPIAN_HOME>/deployment/web.war
to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.To determine if Appian 18.3 Hotfix Package S is deployed, open the build.info file located in <APPIAN_HOME>/conf/
. The contents of this file should match the following code sample:
build.revision=86dc0e3dc8d5a77552df8428abcab7a667b0ed96 build.version=18.3.301.0
On This Page