Free cookie consent management tool by TermsFeed Appian Hotfixes [Hotfixes]
Appian Hotfixes

This page lists all the recent hotfixes for Appian 21.4.

Appian Cloud customers can refer to MyAppian to see your latest hotfix version.

For self-managed customers, all hotfixes are released as a downloadable package bimonthly, at the beginning and middle of the month. The most recent package is as of 03 Nov 2023.

Cloud-only resolved issues

The following issues have been recently resolved in Appian Cloud 21.4 as of the date indicated. These hotfixes will be available for self-managed customers in the next bi-monthly package.

21.4.2340.0 (09 Nov 2023)

  • Security Updates - Critical

  • AN-249650 - Medium
    Updated support for checkpoint script to be initiated from any node, not just the primary node.

Self-managed package (03 Nov 2023)

Self-managed customers can use the following links to download and install the hotfixes package.

This cumulative hotfix package includes all resolved issues listed below in a single download. This hotfix is required for any Appian 21.4 installations not currently up to date with the latest hotfixes. After installing, you will be running on Appian 21.4.2327.0.

You can view your current self-managed Appian version by logging into your Appian environment as a designer or system administrator and clicking the navigation menu > About Appian.

The package resolves the following issues.

21.4.2327.0 (03 Nov 2023)

  • Security Updates - High

21.4.2310.0 (26 Oct 2023)

  • Security Updates - Critical

  • AN-250045 - High
    Fixed display of HTML elements as text in rich text editor for Send-Email body node in Process Model

  • AN-243892 - Low
    Fixed an issue that was causing users to encounter error code 500 when trying to access the cloud database through phpMyAdmin.

21.4.2300.0 (19 Oct 2023)

  • Security Updates - High

  • AN-249274 - Medium
    Fixed an issue with defining the maximum checkpoint limit for Service Manager.

  • AN-247910 - Medium
    Fixed an issue that where a process would return an incorrect response instead of abort.

21.4.2281.0 (13 Oct 2023)

  • Security Updates - Low

  • AN-248721 - High
    Fixed issue where process models could not be saved if HTML decoding in the message Body of the Send Email node occurred

21.4.2270.0 (05 Oct 2023)

  • Security Updates - High

  • AN-246311 - High
    Updated third party libraries

  • AN-243743 - Medium
    A maximum statement timeout of 12 hours is applied to all select queries executed through the Enhanced Data Pipeline (EDP) to prevent Appian Cloud database restart issues caused by long innodb_history_list_length.

21.4.2245.0 (28 Sep 2023)

  • Security Updates - Critical

21.4.2225.0 (21 Sep 2023)

  • Security Updates - Critical

  • AN-245611 - High
    Security Improvement

  • AN-242849 - Low
    TLS 1.1 has been disabled for Enhanced Data Pipeline due to various security issues. Refer to your tool’s documentation for instructions on connecting to an external database using TLS 1.2 or TLS 1.3. Alternatively, you can try adding the properties enabledSslProtocolSuites=TLSv1.2 and useSsl=true to your database connection string.

21.4.2210.0 (14 Sep 2023)

  • Security Updates - Medium

  • AN-244680 - Medium
    Updated guava library in the salesforce connected system

  • AN-240370 - Medium
    Updated Bouncy Castle library

21.4.2190.0 (07 Sep 2023)

  • Security Updates - High

  • AN-244313 - High
    Security Improvement

  • AN-238159 - High
    Updates to Netty library

  • AN-244525 - Low
    Security Improvement

  • AN-234229 - Low
    Security Improvement

  • AN-207776 - Low
    Updating time picker placeholder text for 24hr-based locales.

21.4.2170.0 (31 Aug 2023)

  • Security Updates - High

  • AN-241110 - High
    Updated spring security library

  • AN-237829 - High
    Updated the guava, jackson databind, jackson core, and jackson annotations libraries.

  • AN-219753 - Medium
    Fixed an issue that allowed open redirects from being caught by validation.

  • AN-241206 - Low
    Adding additional logging for Kafka transaction writing for troubleshooting.

  • AN-156340 - Low
    Adding additional engine logging for troubleshooting

21.4.2150.0 (24 Aug 2023)

  • Security Updates - High

  • AN-243290 - High
    Security Improvements

  • CN-23112 - Medium
    Kakfa performance tuning

  • AN-236122 - Medium
    Updated Google Cloud Libraries

  • AN-242915 - Low
    Resolved a Kafka startup issue for Windows users.

21.4.2130.0 (15 Sep 2023)

  • Security Updates - High

  • AN-240325 - Medium
    Security Improvements

21.4.2105.0 (10 Aug 2023)

  • Security Updates - High

21.4.2080.0 (03 Aug 2023)

  • Security Updates - Critical

  • AN-240839 - Low
    Fixed an issue where Kafka topics would not come online.

21.4.2055.0 (27 Jul 2023)

  • Security Updates - Critical

  • AN-240255 - High
    Updated Guava Library in the Blueprism Connected System

  • AN-237999 - Medium
    Fixed an issue where Kafka topics could not come online.

21.4.2040.0 (20 Jul 2023)

  • Security Updates - Critical

  • AN-237908 - Medium
    Updates to bouncycastle in Docusign connected system

  • AN-223680 - Medium
    Fixed an issue that was causing significant delays during the checkpoint storage process.

  • AN-240883 - Low
    Configuring future support of kRaft.

21.4.2015.0 (13 Jul 2023)

  • Security Updates - Critical

  • AN-226846 - Critical
    Updated Snakeyaml library

  • AN-225107 - Critical
    Updated Snakeyaml Library

21.4.2000.0 (06 Jul 2023)

  • Security Updates - Critical

  • AN-238140 - Critical
    Security Improvement

  • AN-203023 - Medium
    Updated POI Library

  • AN-234393 - Low
    Updated Service Manager start script to support manual transaction replay.

  • AN-221295 - Low
    Updating MirrorMaker support for Appian on Kubernetes customers.

21.4.1985.0 (29 Jun 2023)

  • Security Updates - Critical

  • AN-238270 - Critical
    Resolved an issue that was causing intermittent "403 Forbidden" errors when accessing a User Start Page site

  • AN-238044 - High
    Secuity update

  • AN-228346 - High
    Updated Google Cloud Translate and Protobuf Libraries

  • AN-217955 - High
    Updated Mozilla Rhino version

  • AN-237074 - Medium
    Updates to CMIS Data Connector

21.4.1965.0 (22 Jun 2023)

  • Security Updates - Critical

  • AN-201242 - Medium
    Updated Kafka server.log storage to now store up to 10 server.log files, 10MB in size each.

  • AN-232723 - Low
    Enhanced Kakfka advertised listeners to support MirrorMaker

21.4.1940.0 (15 Jun 2023)

  • Security Updates - Critical

  • AN-223263 - High
    Windows and Linux now use independent split installers.

  • AN-229662 - Low
    Fixed a ZooKeeper leadership election bug that can result in write request rejections.

21.4.1915.0 (08 Jun 2023)

  • Security Updates - Critical

21.4.1895.0 (01 Jun 2023)

  • Security Updates - Critical

  • AN-235114 - High
    Fixed an issue that caused existing Client Credentials for Web APIs to expire after a year when new Client Credentials were generated.

  • AN-233537 - High
    Upgrade Atlassian and Jettison Libraries

  • AN-234223 - Low
    Fixes ADS debug logging issue.

21.4.1885.0 (24 May 2023)

  • Security Updates - High

  • AN-232946 - High
    Bug fix in expression deserialization that threw unnecessary Invalid Byte Exception

  • AN-232634 - High
    Upgraded Elasticsearch to version 7.17.9.

21.4.1865.0 (19 May 2023)

  • Security Updates - Critical

  • AN-232003 - High
    Integrations no longer fail when using TLS 1.3

  • AN-231369 - High
    Upgraded Spring library

  • AN-230001 - High
    Updated Clojure library

  • AN-226471 - High
    Upgraded reload4j library

  • AN-230345 - Medium
    Fixed an issue with groups that have an expression defining "Visibility" where group members were being redirected to Tempo when clicking a task link in an email instead of being directed to the URL configured as the group's "User Start Page".

  • AN-234594 - Low
    Upgrading Redisson Client

21.4.1840.0 (11 May 2023)

  • Security Updates - High

  • AN-232228 - High
    Updated Jackson Databind Library

  • AN-231242 - High
    Upgraded Woodstox library

  • AN-233855 - Medium
    Upgraded Spring library

  • AN-232037 - Low
    Upgraded Liquibase to patch release v4.21.1.

  • AN-229296 - Low
    Fixed an issue with certificate regeneration in the "Connected Environments" feature where the generated certificate was attributed to "Administrator" instead of the user who initiated the regeneration.

21.4.1820.0 (04 May 2023)

  • Security Updates - High

  • AN-232615 - High
    Security improvements

  • AN-233239 - Low
    Better handling of exceptions thrown while processing write requests in ADS.

21.4.1805.0 (28 Apr 2023)

  • Security Updates - High

  • AN-229971 - Low
    Reduced service manager shutdown time for customers managing Appian on Kubernetes.

21.4.1780.0 (20 Apr 2023)

  • Security Updates - High

  • AN-223083 - High
    Removed xalan library

21.4.1765.0 (13 Apr 2023)

  • Security Updates - High

  • AN-230038 - High
    Updates to Woodstox core asl library

  • AN-229036 - High
    Updates to jackson core, jackson databind, and jackson annotation libraries

  • AN-229685 - Low
    Security Improvements

21.4.1745.0 (06 Apr 2023)

  • Security Updates - Critical

  • AN-226331 - High
    Update Apache commons-fileupload library

  • AN-229993 - Medium
    For Cloud Database, increased max_input_vars value to 2000 to prevent runtime errors from occurring in phpMyAdmin.

21.4.1730.0 (31 Mar 2023)

  • Security Updates - Critical

  • AN-228562 - High
    Security Improvement

  • AN-227900 - Low
    Updated ADS error message to include additional information to help debug the failure.

21.4.1710.0 (23 Mar 2023)

  • Security Updates - High

  • AN-227747 - High
    Updated fasterxml.jackson and google.guava

  • AN-227457 - High
    Updated Netty Library

  • AN-211751 - Medium
    Fixed an issue that caused processes to auto-archive by default ignoring the AUTOARCHIVE custom.property setting.

  • AN-221502 - Low
    Improved Kafka's logging by suppressing redundant log entries.

21.4.1690.0 (16 Mar 2023)

  • Security Updates - Critical

  • CN-20152 - Critical
    Unsupported non-ASCII256 header values are converted to ?

  • AN-227752 - Critical
    Security Improvements

  • AN-226788 - High
    Fixed an issue that could result in HA site failure when a site's primary engine becomes unavailable.

  • AN-220855 - High
    Updated Jackson libraries

  • AN-227793 - Medium
    Fixed a bug where generating a record action with a data type and data store would fail.

21.4.1665.0 (09 Mar 2023)

  • Security Updates - Critical

  • AN-218002 - Medium
    Appian Cloud Database now uses version 5.2.1 of phpMyAdmin.

21.4.1645.0 (02 Mar 2023)

  • Security Updates - High

  • AN-223242 - Critical
    Updated jave protobuf, google cloud automl, jackson databind, google cloud core, and google cloud storage libraries within Google Connected Systems

  • AN-226698 - High
    Security Improvements

  • AN-211063 - High
    Removed extraneous log entries from the MirrorMaker log file to improve overall legibility.

  • AN-222300 - Low
    Configure Script now includes the ability to validate an installation.

21.4.1625.0 (24 Feb 2023)

  • Security Updates - High

  • AN-226160 - High
    Security Improvement

  • AN-226155 - High
    CVE Fixed on Jaeger Agent image

21.4.1605.0 (17 Feb 2023)

  • Security Updates - Critical

21.4.1590.0 (09 Feb 2023)

  • Security Updates - Critical

  • CN-18110 - Low
    Fixed an issue that prevented shutdown of the Internal Messaging Service for some high availability sites.

  • AN-223401 - Low
    Updated the engine startup script to include logging on script invocation time and passed parameters.

  • AN-222592 - Low
    Fixed an issue where process history replication factors were incorrect following a change in site topology from single node to high availability.

21.4.1575.0 (02 Feb 2023)

  • Security Updates - Critical

  • AN-223199 - High
    Prevent ADS issues due to Network Latency

  • AN-221245 - High
    Kafka Upgrade

  • AN-220693 - Medium
    For Appian Cloud customers who have a dedicated database node, the default range of read and write I/O threads is now set to be between 4 and the total number of CPUs on the database node divided by 2. Customers who have dedicated database nodes will experience performance improvement from this update.

21.4.1560.0 (26 Jan 2023)

  • AN-222683 - High
    Fixed an issue that prevented exporting records to Excel from embedded interfaces.

  • AN-220449 - High
    Upgraded SnakeYAML Library

21.4.1550.0 (19 Jan 2023)

  • Security Updates - Low

  • AN-221122 - Critical
    Removed references to the ConsumerConfig.addDeserializerToConfig and ProducerConfig.addSerializerToConfig methods due to deprecation in Kafka 3.3.1.

  • AN-218227 - Low
    Improved ADS logging when it is run as a service.

21.4.1530.0 (12 Jan 2023)

  • Security Updates - Low

  • AN-218961 - Low
    Process models are now able to be saved using "Save As" in all supported languages.

21.4.1515.0 (05 Jan 2023)

  • AN-221569 - Medium
    Fixed an issue that caused an error to occur in the Document Extraction reconciliation task when extracting tables from Fillable PDFs.

  • AN-218809 - Medium
    For the Appian Cloud MariaDB database, ANALYZE TABLE command is now run for all the tables at the site start up.

  • AN-217357 - Low
    For Appian Cloud MariaDB database, transaction isolation level has been set to read-committed for phpMyAdmin connections.

  • AN-202061 - Low
    Fixed an issue with interface data field errors where users were instructed to use an invalid date format.

21.4.1495.0 (22 Dec 2022)

  • Security Updates - Low

  • AN-220626 - Medium
    The property conf.monitoring.rdbms.SLOW_QUERY_THRESHOLD_MS in custom.properties can now be set permanently on Appian Cloud environments via an Appian Support case. This property configures the threshold value (in milliseconds) that logs a slow query operation by data store.

  • AN-220114 - Medium
    Process deletion now uses memory more efficiently. Prior to this fix, deleting a large number of processes would cause high heap memory utilization.

  • AN-219912 - Medium
    Appian Cloud now uses the 42.5.1 version of the JDBC Driver for PostgreSQL Database.

21.4.1475.0 (15 Dec 2022)

  • Security Updates - Critical

  • AN-220177 - Medium
    Security Improvements

21.4.1455.0 (08 Dec 2022)

  • AN-219995 - High
    Security Improvement

  • AN-218784 - Low
    MariaDB database in Appian Cloud received a minor version upgrade to 10.6.11

21.4.1440.0 (02 Dec 2022)

  • Security Updates - Critical

  • AN-217700 - Medium
    Fixed an issue that caused intermittent "Cannot read properties of null (reading 'getIn')" errors during user site interaction.

21.4.1420.0 (18 Nov 2022)

  • Security Updates - Critical

  • AN-218220 - High
    Fixed an issue that prevented MariaDB from starting up on a distributed topology Appian Cloud environment with database encryption enabled.

  • AN-217611 - High
    Increases the connection pool for ADS queries

  • AN-215914 - Low
    Security Improvement

21.4.1395.0 (11 Nov 2022)

  • Security Updates - Critical

  • AN-213666 - High
    Upgrade SnakeYAML Library

  • AN-214213 - Medium
    Upgraded OpenPDF from version 1.3.26 to 1.3.30 to provide support for additional encryption types.

  • AN-216864 - Low
    Fixed an issue where decimals contained in a Record Type are converted to text when exported to Excel.

21.4.1380.0 (04 Nov 2022)

  • Security Updates - High

21.4.1360.0 (27 Oct 2022)

  • Security Updates - Critical

  • AN-217565 - Critical
    Security Improvement

  • AN-212451 - Critical
    Removed the Apache Xalan Java library. If you have developed any plug-ins that depend on Apache Xalan, you will need to update them to remove or replace the use of this library. If you don't update them, they will stop working when plug-in users upgrade.

  • AN-215833 - Medium
    Security Improvement

  • AN-214120 - Medium
    For Appian Cloud database, fixed an issue with slow_log table that prevented sites from starting up.

21.4.1325.0 (14 Oct 2022)

  • Security Updates - Critical

  • AN-212724 - Low
    Upgrade Tika Library

21.4.1320.0 (13 Oct 2022)

  • Security Updates - High

  • AN-215834 - Medium
    Security Improvement

  • AN-212567 - Medium
    For the Appian Cloud database, the definer of a database event no longer resets to default after a database failover.

21.4.1300.0 (06 Oct 2022)

  • Security Updates - High

21.4.1275.0 (30 Sep 2022)

  • Security Updates - High

  • AN-213756 - High
    MariaDB database in Appian Cloud received a minor version upgrade to 10.6.9

  • AN-214461 - Medium
    Fixed an issue where Start and Stop script permissions were incorrectly set after applying a hotfix.

  • AN-212535 - Medium
    Fixed an issue where file uploads freeze when a file upload component is embedded in an editable grid.

  • AN-210227 - Medium
    Updated the change-paths.bat script logs to include values for notesOldPath and notesNewPath.

  • AN-212006 - Low
    For the Appian Cloud MariaDB database, the default threshold for slow queries logged in AppianProcess.slow_log view has been changed from 2 seconds to 7 seconds in order to reduce noise in the log.

21.4.1225.0 (15 Sep 2022)

  • AN-210242 - High
    Upgrade Jetty Library

  • AN-213319 - Medium
    Fixed an issue in Kafka topicRecovery script which could lead to topics not having an assigned leader.

  • AN-212443 - Medium
    Fixed an issue where Start and Stop script permissions were incorrectly set after applying a hotfix.

  • AN-187367 - Low
    A bug was identified that caused the recipients email header to be blank in outbound emails, which caused Appian-generated notifications to be routed to spam occasionally. The recipients header is now populated for all outbound emails.

21.4.1205.0 (08 Sep 2022)

  • Security Updates - High

  • AN-210621 - High
    Improve ADS connection pool error handling

21.4.1190.0 (02 Sep 2022)

  • AN-212086 - Medium
    Fixed an issue where embedded Google Maps display an error when "View Larger Map" is clicked.

  • AN-211829 - Low
    The read-only grid now uses the proper decimal separator according to the user's locale when displaying decimal numbers in grid cells.

21.4.1180.0 (01 Sep 2022)

  • Security Updates - High

  • AN-211615 - High
    Upgrade OkHttp Library

  • AN-213051 - Medium
    For Appian Cloud database, fixed an issue that prevented Database Administrators from editing and exporting stored procedures from phpMyAdmin.

  • AN-202701 - Medium
    Fixed an issue where exiting out of a file upload component prior to upload completion causes the interface to break due to a null pointer exception.

  • AN-191159 - Low
    Upgraded the Salesforce Connected System component REST API from version 44.0 to 52.0. API version 52.0 is backwards compatible with previous versions.

21.4.1155.0 (25 Aug 2022)

  • Security Updates - Critical

  • AN-212519 - Medium
    Fixed an issue that resulted in intermittent "Cannot read properties of null (reading 'getIn')" errors when entering information into an interface textField.

  • AN-167569 - Low
    Fixed an issue that introduced unnecessary log pollution and degraded the collection of Record Response Time metrics.

21.4.1135.0 (19 Aug 2022)

  • Security Updates - High

21.4.1130.0 (18 Aug 2022)

  • Security Updates - Critical

  • AN-210950 - Medium
    Upgraded AWS Machine Learning Library

  • AN-209146 - Medium
    Upgraded Bouncy Castle Library

  • AN-212000 - Low
    Add a retry to ensure kafka is ready for ADS startup

21.4.1105.0 (11 Aug 2022)

  • Security Updates - Critical

21.4.1095.0 (09 Aug 2022)

  • Security Updates - Medium

  • AN-212011 - Critical
    Fixed an issue that caused a discrepancy between the Process Execution and Process Analytics Engines resulting in intermittent bugs in Process Reports.

  • AN-206660 - Medium
    Viewing dependents of record fields and record relationships now properly include record field and relationship references that are referenced in record type constructors.

  • AN-203429 - Medium
    Fixed an issue which sometimes caused updating security on a newly-created folder to fail due to an error.

21.4.1075.0 (04 Aug 2022)

  • Security Updates - Critical

  • AN-181596 - Medium
    Fixed an issue which caused old versions of data types to be visible when searching for design objects using the global quick search.

  • AN-210084 - Low
    Security Improvement

  • AN-209658 - Low
    Fixed an issue where, when configuring a data source for a record type and selecting a connected system, the wrong connected system would sometimes display as selected in the dropdown menu.

  • AN-209649 - Low
    Upgraded to latest AL2 base image.

21.4.1050.0 (29 Jul 2022)

  • Security Updates - High

Installation

Perform the following steps to apply the hotfix:

  1. Stop Appian. See Starting and Stopping Appian for detailed instructions:
    1. Shut down the application server.
    2. Shut down the search server.
    3. Shut down the data server.
    4. Shutdown all Appian Engines, ensuring that the engines are checkpointed upon shutdown.
  2. Back up your existing Appian instance. See Backing Up Your Existing Appian Instance.
  3. Unzip the contents of the 21.4.2327.0_Hotfix.zip archive into your <APPIAN_HOME> directory.
  4. Run the deleteFiles script (deleteFiles.bat on Windows, deleteFiles.sh on Linux) that is now located in your <APPIAN_HOME> directory.
    • If the script reports that some files were not deleted, address the reason for the failure (common causes listed below), and run it again until it no longer reports failed deletions.
    • Common causes of failed file deletion include:
    • The file is open in another window or process
    • The file is locked
    • You do not have permission to delete the file
  5. Unzip the contents of the updates.zip archive that is now located your <APPIAN_HOME> directory.
  6. Run the installJdk script (installJdk.bat on Windows, installJdk.sh on Linux).
  7. If you maintain customized or overridden Spring Security .xml files, merge them with the associated base files in the /deployment/web.war/WEB-INF/conf/security/ directory.
  8. Delete the following files:
    Linux
    • deleteFiles.sh
    • installjdk script.sh
    • OpenJDK8U-jdk_x64linux_hotspot.tar.gz
    • updates.zip

    Windows

    • deleteFiles.bat
    • installjdk script.bat
    • OpenJDK8U-jdk_x64windows_hotspot.zip
    • updates.zip
  9. If you are using a Web server, copy the content of <APPIAN_HOME>/deployment/web.war to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.
  10. Run the configure script to deploy your environment's configuration and re-configure any node names previously set by the configure script tools.
  11. Start Appian:
    1. Start the Appian Engines.
    2. Start the data server.
    3. Start the search server.
    4. Start the application server.

To determine if the Appian 21.4 Hotfix is deployed, open the build.info file located in <APPIAN_HOME>/conf/. The contents of this file should match the following code sample:

build.revision=e3b2b2bf8e818b56b7f1611c7dd359fc477a7ae9
build.version=21.4.2327.0
Open in Github Built: Fri, Nov 10, 2023 (03:42:48 PM)

Appian Hotfixes

FEEDBACK