The following hotfix is available for Appian 19.1.
This is a cumulative hotfix package that includes Hotfix Packages A, B, C, D, E, F, G, H, I, J, K, L, M, N, O, P, and Q as well as new hotfixes in a single download and a set of instructions. This package is required for any Appian 19.1 installations not currently on Hotfix Package R. After installing, you will be running on Appian 19.1 Hotfix Package R.
See the Installation section at the bottom of this page for instructions on how to install this hotfix package.
Resolved Issues
Security Updates - High
AN-162600 - Medium
Modal dialogs now show a visual indicator when the dialog itself has keyboard focus.
AN-163516 - Medium
An issue resulting in an excessive number of threads in a waiting state on a site after the usage of data stores has been resolved.
AN-163541 - Medium
It is no longer allowed to create a business data source in the Admin Console with the same name as the Appian Cloud provided business data source.
Resolved Issues
Security Updates - Medium
AN-160317 - High
Fixed an issue with component plug-ins where users on Google Chrome 83 could not download the embedded content.
AN-161752 - High
Data cleanup procedures that run on site startup now run asynchronously so that the do not block the startup process.
AN-93216 - Medium
The login behavior is now consistent when attempting authentication with invalid credentials and the system has both SAML and LDAP authentication mechanisms configured and enabled.
AN-160320 - Medium
The default Administrator account can no longer authenticate with its default password if other system administrator accounts exist.
AN-160322 - Medium
Creating a System Administrator user via passwords.properties during initial installation now invalidates the default Administrator account's default password.
AN-162191 - Medium
A custom property has been added to make it easier to connect with databases that have case-sensitive collation configured. This property allows customers to work around the scenario of data stores not validating due to the application server lower-casing the schema defined in the XSD. On-premise customers can set "conf.data.teneo.naming.strategy" property in custom.properties to "none" to access the problematic entities. For cloud customers, the same property can be set via a Support case.
AN-160904 - Low
A potential thread deadlock when connecting to a data source has been removed.
AN-161558 - Low
Updated interface and data type designers to use improved terminology: ""grid with detail view"" and ""parent-child""
Resolved Issues
Security Updates - Medium
AN-160477 - High
Screen reading software now correctly reads content within non-collapsible sections and boxes in Internet Explorer 11. This is not an issue in other browsers.
AN-156333 - Medium
Blocks the /suggest/ endpoints from being end-user accessible when Portal is disabled
AN-156806 - Medium
Fixed an issue where saving an expression with unbalanced parentheses or brackets could cause an expression to use older versions of functions.
AN-158447 - Medium
This doesn't change any user-facing functionality, but sets up logic to enable us to easily change permission levels in uri-list.csv and auto-generate the remaining files.
AN-160248 - Medium
Fixed an issue with the web content component where users on Google Chrome 83 could not download the embedded content.
AN-142032 - Medium
Search Server now does not repeatedly retry indexing a contiguous string greater than 32k in length. Any error due to such strings is now printed only once in the application server log.
AN-155604 - Low
Deletes certain htmlarea example files that were not needed and could expose information
AN-155620 - Low
Blocks certain endpoints within htmlarea from being end-user accessible when Portal is disabled
Resolved Issues
Security Updates - High
AN-155298 - Medium
When invoking a web API, the authorization header is now hidden.
AN-154661 - Low
Fixed Cross Site Scripting Vulnerability in Data Store name
AN-157343 - Low
Fixed XSS in Generate Documentation in Process Modeler
Resolved Issues
Security Updates - Low
AN-155163 - High
Fixed an issued where the users page in the design console was inaccessible in some scenarios
AN-154589 - Medium
Fixed an issue with Search Server log rotation.
AN-156132 - Medium
Fixed an issue that incorrectly warned developers that others were editing the same process model.
AN-154339 - Low
Fixed an issue with Liquibase handling of Oracle DB timestamp values
Resolved Issues
Security Updates - Medium
AN-153911 - High
The performance of dictionaries with a large number of fields has been improved.
AN-150731 - Medium
Fixed an issue with the getUsernameByUuid API that could result in null users
AN-152705 - Medium
a!queryProcessAnalytics no longer returns an error when an empty list is provided as the query.
AN-154329 - Medium
Improved performance of Interface Designer for interfaces with deeply nested components.
Removals
The Disk Usage Metrics log has been removed. Previously, this log would record the amount of disk space consumed by logs, process model definitions, search indexes, and documents on a 12 hour cadence. For sites that had large numbers of these items, the size calculation could lead to intermittent performance issues.
Resolved Issues
Security Updates - Medium
AN-149140 - High
For security reasons, the Query Database Smart Service has been updated. Customers cannot run the LOAD DATA LOCAL INFILE command against a MySQL database by default from a Query Database Node in the Process Model. To provide higher security, for Appian Cloud customers, this command was already disabled at the database level for the Appian Cloud database and at the JDBC level for configured MySQL databases. There is no impact or action for Cloud customers. On-premise customers who wish to use this command must set the conf.data.mysql.loaddata.enabled property to "true" and conf.data.load.infile.path property as a comma-separated list of paths to whitelisted directories that contain the files to be loaded. If the required properties are not set, any Process Model using this command will pause by exception at runtime. This command is generally used to periodically load data from files into the database, and so we expect that most customers will not have to take the required action.
AN-149305 - High
JDBC connector configuration property "autoDeserialize" has been set to false for all MySQL database connections, in order to improve security.
AN-151549 - High
Adds additional protection against interfaces with large context memory sizes.
AN-137156 - Medium
Fixed an issue in the Interface Designer which prevented Design Mode from loading when using a!groupsByName().
AN-135117 - Low
Fixed an issue where changing a group type's name reset the attribute values of dependent groups.
AN-150265 - Low
Updated export function and smart service descriptions to include column limits.
Resolved Issues
Security Updates - Medium
AN-148043 - High
When using IE11 in compatibility mode to authenticate to Appian via SAML, an error which prevents sign-in no longer occurs.
AN-147957 - High
Application server performance under high concurrency has been improved.
AN-147763 - High
Fixed an issue with the "not in" operator in a!queryFilter.
AN-146311 - High
A condition that could cause the process execution engines to use abnormally high amounts of CPU has been removed.
AN-145981 - High
An error that could prevent proper shutdown that would prevent upgrading has been prevented.
AN-142514 - High
Fixed an issue that would have been introduced by an upcoming Chrome version, Chrome 80, where embedded users would be unable to login.
AN-148138 - Medium
Fixed issue causing Query Database smart service to pause by exception when its first input is null
AN-146512 - Low
The cleanup script no longer removes archived kdb files when the logs
parameter is specified.
AN-60854 - Low
A 'Report-Only' Content Security Policy header has been added.
Resolved Issues
Security Updates - High
AN-145504 - Critical
For security reasons, the Query DB Node smart service has been updated. Customers running the LOAD DATA INFILE command against a MySQL instance (only applicable to Configured Data Sources; not applicable to the Appian Cloud database) from a Query DB Node in a Process Model must set the conf.data.load.infile.paths custom property as a comma-separated list of file paths to whitelist the required directories. If the property is not set, any Process Model using this command will pause by exception at runtime. This command is generally used to periodically load data from files into the database, and so we expect that most customers will not have to take the required action described here.
AN-146705 - Low
Fixed an issue causing Search Server to break a site that is low on disk space
Resolved Issues
Security Updates - Critical
AN-141281 - High
Fixed an issue where orphan process variables could exist and impact system performance.
AN-139947 - Medium
System memory use for Appian Cloud sites has been reduced.
AN-145027 - Medium
Document upload will no longer be limited by personal user storage space quotas, which were deprecated in Appian 17.3.
Resolved Issues
Security Updates - Critical
AN-143289 - Critical
Fixed an issue with a null parameter in a!queryLogicalExpression and a!queryAggregation.
AN-142283 - Medium
Fixed an issue that caused some record links to break on import if the record type was deleted and then re-imported.
AN-141658 - Medium
Users no longer need to be in the Designer group to upload documents using Google Cloud Vision, SharePoint, and other document-based connected systems.
AN-142517 - Low
Scheduled backups for on-premise customers taken with the backup script now include Kafka logs and Zookeeper data
AN-141300 - Low
HTML entered in a post, message, or comment is now rendered as text in Appian emails.
AN-139911 - Low
The queryFilter function with an 'in' filter that has many values now performs as expected again. In fact, it is over an order of magnitude faster than it was before this issue was introduced! All query filters have improved noticeably in performance, but none nearly as much as an 'in' filter with many values. This applies equally to uses of queryFilter in the queryentity, queryrecord, and queryProcessAnalytics functions.
Resolved Issues
Resolved Issues
Security Updates - Critical
AN-139079 - High
An issue that could prevent zookeeper from restarting cleanly in on-premises installations has been resolved.
AN-70284 - Medium
Fixes a variety of internationalization issues with date and time formatting. For the Arabic [ar] locale, hours and seconds are now internationalized correctly, as well as the timezone. For the Arabic [ar], Chinese (Simplified) [zh_CN], Chinese (Traditional) [zh_HK], Japanese [ja], and Swedish [sv] locales, AM and PM will also be properly internationalized.
AN-125589 - Medium
No errors are thrown if devops infrastructure url wasn't set on cloud sites
AN-129916 - Medium
A error in Kafka that could prevent startup has been corrected.
AN-134827 - Medium
Fixed an issue with rendering interfaces containing deeply nested columns in Interface Designer's live preview.
AN-136540 - Medium
Fixed a bug that caused integrations to break on import when they reference themselves in the default test values
AN-137595 - Medium
Fixed an indexing error that could occur with updates to the analytics engine
AN-138292 - Medium
When running as a Windows service, the service manager process is now more tightly linked to the Windows service, preventing cases where one would be running without the other.
AN-50653 - Low
Large folders no longer display negative sizes.
AN-134752 - Low
Added data metrics for SSL certificates
AN-136623 Low
Fixed an issue where duplicate entries were being logged for some exec errors
AN-136712 - Low
The speed at which Tasks, Actions, and News items are loaded has been improved. The improvement removes the performance degradation observed in some cases on Appian versions 18.3 and later.
AN-137640 - Low
Added a new audit log, removed_processes.csv, to track events where a process is deleted or archived off of the system
AN-138326 - Low
Added logging improvements to the engine client.
AN-138674 - Low
Search server startup now waits for 30 seconds before timing out. Enhanced messaging has been added for the waiting period.
AN-139526 - Low
Adds additional logging when certain errors occur while executing a save in an interface.
AN-140194 - Low
The performance improvement for Tasks, Actions, and News items loading in AN-136712 has been reverted due to race conditions which caused users to see 403 errors. The reversion applies to Appian versions 19.1 and later.
Enhancements
Resolved Issues
Security Updates - High
AN-136428, AN-136466, AN-136570 - High
The Hotfix resolves a vulnerability related to Google Service Account integrations with Appian. It is recommended that users of Google Service Account integrations reset their passwords in connection with the installation of this Hotfix.
AN-137627 - High
Query database smart service now tolerates MySQL client-side prepared statements and does not fail.
AN-113345 - Medium
Drilling from a process report to individual processes now works correctly.
AN-135990 - Medium
The "version" Process Model property now returns the correct result in Process Reports when the process has undergone In-Flight Modification (IFM).
AN-136782 - Medium
MySQL prepared statements are now correctly closed. Query Database Smart Service will no longer fail because of application reaching the max_prepared_stmt_count value for prepared statements.
AN-136861 - Medium
Side-By-Side Layout item lists no longer cause an error with null or empty string values.
AN-137015 - Medium
A new Appian installation now correctly starts with MySQL 8.0.16 configured as a primary data source. Customers will no longer see the data truncation error.
AN-137414 - Medium
The optimization to enable faster querying of deeply nested CDTs with one-to-many relationships has been turned on by default for on-premise customers.
AN-129208 - Low
The start process smart service no longer logs excessive error messages if the user who starts the process does not have permission to see that process.
AN-135661 - Low
The Mean Individual Time value in the appian_functions_details.csv and expressions_details.csv logs is now calculated correctly. Prior to this fix, the value could be greater than the Mean Total Time value.
AN-136209 - Low
Zookeeper connectivity issues during startup no longer prevent a clean shutdown of the Appian engines.
AN-136685 - Low
Fixed an issue that caused extraneous logging in customer logs
AN-137010 - Low
An artificial memory cap for the search server has been removed.
AN-137338 - Low
A rare race condition that could cause an engine to hang in a "stopping" state when stopping the engines immediately after starting them has been prevented.
Resolved Issues
a!sortInfo()
but the ascending
parameter is not defined.if()
function. Now duplicates of the component are no longer displayed. This restores behavior to be consistent with version 18.4 and earlier.Resolved Issues
javax.swing.*
package now work in Appian Cloud. Prior to this fix, the plug-in smart service or function would fail and an error message similar to the following would be logged by the application server: java.lang.NoClassDefFoundError: Could not initialize class javax.swing.RepaintManager
. This returns behavior to that of versions 18.4 and earlier.Resolved Issues
Enhancements
Appian now supports using Login.gov as a SAML identity provider. See SAML for Single Sign-On documentation for details.
The Appian Function Details log, appian_functions_details.csv
, has been updated to include an additional column that displays the evaluation time of the individual function excluding the evaluation time of its parameters.
Resolved Issues
Security Updates - High
AN-126930 - High An error in the engine sizing script has been resolved
AN-116120 - Medium
Fixed an issue to prevent visibility expressions in a record list grid column from evaluating on each row
AN-123111 - Medium
Fixed an issue with performance when designing interfaces; the change will especially improve navigation to/from the Performance View and general performance of large interfaces.
AN-125925 - Medium
The service manager will now terminate with a descriptive error message if it is unable to allocate a thread rather than run in a potentially unstable state.
AN-126449 - Medium
The Kafka component of the service manager has been updated to prevent crashes on Windows due to file contention during deletion operations.
AN-126960 - Medium
Parameters for a!queryFilter are now not evaluated if the showWhen parameter is false.
AN-127442 - Medium
The performance of the Start Process smart service has been improved.
AN-128387 - Medium
Connecting to External JMS Brokers is now supported.
AN-128504 - Medium
Fixed OAuth authorization error for Connected System Plug-ins that occurred after import.
AN-121597 - Low
The system now better protects against the inadvertent deletion of system objects.
AN-125603 - Low
Fixed an issue where clicking on the caption on a rich text icon with a link launched the link.
AN-126631 - Low
Autofill no longer interferes with entering values in date and date time components.
AN-127095 - Low
Fixed an issue where recent changes to an interface of a component plugin are not reflected at runtime.
AN-127101 - Low
Fixed an issue where the toolbar on the Process Model Metrics page displayed incorrectly for some browsers.
AN-127483 - Low
An error message is now displayed when a designer executes a non-HTTP Integration that is not associated with a Connected System.
AN-128290 - Low
Fixed an issue that reported an invalid session count for Appian Cloud sites with Trusted IP addresses.
Perform the following steps to apply the hotfix:
<APPIAN_HOME>
directory.
<APPIAN_HOME>
directory.
<APPIAN_HOME>
directory.<APPIAN_HOME>/deployment/web.war
to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.To determine if Appian 19.1 Hotfix Package R is deployed, open the build.info file located in <APPIAN_HOME>/conf/
. The contents of this file should match the following code sample:
build.revision=7db2ea0e1a4316970a7f4470c9ee18f6de17026a build.version=19.1.312.0
On This Page