This page lists all the recent hotfixes for Appian 22.1.
Appian Cloud customers can refer to MyAppian to see your latest hotfix version.
For self-managed customers, all hotfixes are released as a downloadable package bimonthly, at the beginning and middle of the month. The most recent package is as of 14 Sep 2023.
The following issues have been recently resolved in Appian Cloud 22.1 as of the date indicated. These hotfixes will be available for self-managed customers in the next bi-monthly package.
Security Updates - Critical
AN-245611 - High
Security Improvement
AN-242849 - Low
TLS 1.1 has been disabled for Enhanced Data Pipeline due to various security issues. Refer to your tool’s documentation for instructions on connecting to an external database using TLS 1.2 or TLS 1.3. Alternatively, you can try adding the properties enabledSslProtocolSuites=TLSv1.2 and useSsl=true to your database connection string.
Self-managed customers can use the following links to download and install the hotfixes package. If you are managing Appian on Kubernetes, instead of using the links below, you'll need to upgrade to the latest Appian on Kubernetes images to apply the hotfixes.
This cumulative hotfix package includes all resolved issues listed below in a single download. This hotfix is required for any Appian 22.1 installations not currently up to date with the latest hotfixes. After installing, you will be running on Appian 22.1.1930.0.
You can view your current self-managed Appian version by logging into your Appian environment as a designer or system administrator and clicking the navigation menu > About Appian.
The package resolves the following issues.
Security Updates - High
AN-244680 - Medium
Updated guava library in the salesforce connected system
AN-243030 - Medium
Fixed an issue where transactions executed in an Execute Stored Procedure Smart Service or function weren't getting rolled back when auto-commit was set to false after encountering an exception.
AN-240370 - Medium
Updated Bouncy Castle library
Security Updates - High
AN-244313 - High
Security Improvement
AN-238159 - High
Updates to Netty library
AN-244525 - Low
Security Improvement
AN-234229 - Low
Security Improvement
AN-207776 - Low
Updating time picker placeholder text for 24hr-based locales.
Security Updates - High
AN-241110 - High
Updated spring security library
AN-219753 - Medium
Fixed an issue that allowed open redirects from being caught by validation.
AN-241206 - Low
Adding additional logging for Kafka transaction writing for troubleshooting.
AN-156340 - Low
Adding additional engine logging for troubleshooting
Security Updates - High
AN-243290 - High
Security Improvements
AN-237829 - High
Updated the guava, jackson databind, jackson core, and jackson annotations libraries.
CN-23112 - Medium
Kakfa performance tuning
AN-242736 - Medium
The data service query request size limit is now set to 5MB.
AN-236122 - Medium
Updated Google Cloud Libraries
AN-242915 - Low
Resolved a Kafka startup issue for Windows users.
Security Updates - High
AN-240325 - Medium
Security Improvements
Security Updates - Critical
AN-240839 - Low
Fixed an issue where Kafka topics would not come online.
Security Updates - Critical
AN-240255 - High
Updated Guava Library in the Blueprism Connected System
AN-237999 - Medium
Fixed an issue where Kafka topics could not come online.
Security Updates - Critical
AN-237908 - Medium
Updates to bouncycastle in Docusign connected system
AN-223680 - Medium
Fixed an issue that was causing significant delays during the checkpoint storage process.
AN-240883 - Low
Configuring future support of kRaft.
Security Updates - Critical
AN-226846 - Critical
Updated Snakeyaml library
AN-225107 - Critical
Updated Snakeyaml Library
Security Updates - Critical
AN-238140 - Critical
Security Improvement
AN-203023 - Medium
Updated POI Library
AN-234393 - Low
Updated Service Manager start script to support manual transaction replay.
AN-221295 - Low
Updating MirrorMaker support for Appian on Kubernetes customers.
Security Updates - Critical
AN-238270 - Critical
Resolved an issue that was causing intermittent "403 Forbidden" errors when accessing a User Start Page site
AN-238044 - High
Secuity update
AN-228346 - High
Updated Google Cloud Translate and Protobuf Libraries
AN-217955 - High
Updated Mozilla Rhino version
AN-237944 - Medium
Created a new 'logsv2' action in Cleanup Script which will clean up all old log files, including log files created after the inception of the logs action.
AN-237074 - Medium
Updates to CMIS Data Connector
Security Updates - Critical
AN-236803 - High
Updated Jackson Databind Library
AN-201242 - Medium
Updated Kafka server.log storage to now store up to 10 server.log files, 10MB in size each.
AN-232723 - Low
Enhanced Kakfka advertised listeners to support MirrorMaker
Security Updates - Critical
AN-223263 - High
Windows and Linux now use independent split installers.
AN-234601 - Low
Fixed an issue with the webapp gracefully stopping.
AN-229662 - Low
Fixed a ZooKeeper leadership election bug that can result in write request rejections.
Security Updates - Critical
AN-235114 - High
Fixed an issue that caused existing Client Credentials for Web APIs to expire after a year when new Client Credentials were generated.
AN-233537 - High
Upgrade Atlassian and Jettison Libraries
AN-234809 - Medium
Upgrading Tomcat Application Server to 9.0.x
AN-234223 - Low
Fixes ADS debug logging issue.
Security Updates - High
AN-232946 - High
Bug fix in expression deserialization that threw unnecessary Invalid Byte Exception
AN-232634 - High
Upgraded Elasticsearch to version 7.17.9.
Security Updates - Critical
AN-232003 - High
Integrations no longer fail when using TLS 1.3
AN-231369 - High
Upgraded Spring library
AN-230001 - High
Updated Clojure library
AN-226471 - High
Upgraded reload4j library
AN-230345 - Medium
Fixed an issue with groups that have an expression defining "Visibility" where group members were being redirected to Tempo when clicking a task link in an email instead of being directed to the URL configured as the group's "User Start Page".
AN-234594 - Low
Upgrading Redisson Client
Security Updates - High
AN-232228 - High
Updated Jackson Databind Library
AN-231242 - High
Upgraded Woodstox library
AN-233855 - Medium
Upgraded Spring library
AN-232037 - Low
Upgraded Liquibase to patch release v4.21.1.
AN-229296 - Low
Fixed an issue with certificate regeneration in the "Connected Environments" feature where the generated certificate was attributed to "Administrator" instead of the user who initiated the regeneration.
Security Updates - High
AN-231359 - Critical
Fixed an issue that caused intermittent "Cannot read properties of null (reading 'getIn')" errors during user site interaction.
AN-232615 - High
Security improvements
AN-233239 - Low
Better handling of exceptions thrown while processing write requests in ADS.
Security Updates - High
AN-222925 - Medium
Updated google-cloud-core-http library
AN-229971 - Low
Reduced service manager shutdown time for customers managing Appian on Kubernetes.
Security Updates - High
AN-230557 - High
Some environments had access to develop and manage portals when they should not have. We've fixed the issue so that only organizations with a license to use Appian Portals have access.
AN-223083 - High
Removed xalan library
Security Updates - High
AN-230038 - High
Updates to Woodstox core asl library
AN-229036 - High
Updates to jackson core, jackson databind, and jackson annotation libraries
AN-229685 - Low
Security Improvements
Security Updates - Critical
AN-226331 - High
Update Apache commons-fileupload library
AN-229993 - Medium
For Cloud Database, increased max_input_vars value to 2000 to prevent runtime errors from occurring in phpMyAdmin.
Security Updates - Critical
AN-228562 - High
Security Improvement
AN-228321 - Medium
Error logging for the Execute Stored Procedure Smart Service has been added to the Tomcat logs.
AN-227900 - Low
Updated ADS error message to include additional information to help debug the failure.
Security Updates - High
AN-227747 - High
Updated fasterxml.jackson and google.guava
AN-227457 - High
Updated Netty Library
AN-211751 - Medium
Fixed an issue that caused processes to auto-archive by default ignoring the AUTOARCHIVE custom.property setting.
AN-221502 - Low
Improved Kafka's logging by suppressing redundant log entries.
Security Updates - Critical
CN-20152 - Critical
Unsupported non-ASCII256 header values are converted to ?
AN-227752 - Critical
Security Improvements
AN-226788 - High
Fixed an issue that could result in HA site failure when a site's primary engine becomes unavailable.
AN-220855 - High
Updated Jackson libraries
AN-227793 - Medium
Fixed a bug where generating a record action with a data type and data store would fail.
AN-227422 - Low
Updated error message to be more descriptive.
Security Updates - Critical
AN-218002 - Medium
Appian Cloud Database now uses version 5.2.1 of phpMyAdmin.
Security Updates - High
AN-223242 - Critical
Updated jave protobuf, google cloud automl, jackson databind, google cloud core, and google cloud storage libraries within Google Connected Systems
AN-226698 - High
Security Improvements
AN-211063 - High
Removed extraneous log entries from the MirrorMaker log file to improve overall legibility.
AN-222300 - Low
Configure Script now includes the ability to validate an installation.
Security Updates - High
AN-226160 - High
Security Improvement
AN-226155 - High
CVE Fixed on Jaeger Agent image
Security Updates - Critical
CN-18110 - Low
Fixed an issue that prevented shutdown of the Internal Messaging Service for some high availability sites.
AN-223401 - Low
Updated the engine startup script to include logging on script invocation time and passed parameters.
AN-222592 - Low
Fixed an issue where process history replication factors were incorrect following a change in site topology from single node to high availability.
Security Updates - Critical
AN-223684 - High
Fixed an issue which prevented newly-made Google reCAPTCHA projects from working in a reCAPTCHA Connected System.
AN-223199 - High
Prevent ADS issues due to Network Latency
AN-221245 - High
Kafka Upgrade
AN-220449 - High
Upgraded SnakeYAML Library
AN-220693 - Medium
For Appian Cloud customers who have a dedicated database node, the default range of read and write I/O threads is now set to be between 4 and the total number of CPUs on the database node divided by 2. Customers who have dedicated database nodes will experience performance improvement from this update.
Security Updates - Low
AN-221122 - Critical
Removed references to the ConsumerConfig.addDeserializerToConfig and ProducerConfig.addSerializerToConfig methods due to deprecation in Kafka 3.3.1.
AN-218227 - Low
Improved ADS logging when it is run as a service.
Security Updates - Low
AN-218961 - Low
Process models are now able to be saved using "Save As" in all supported languages.
AN-221569 - Medium
Fixed an issue that caused an error to occur in the Document Extraction reconciliation task when extracting tables from Fillable PDFs.
AN-218809 - Medium
For the Appian Cloud MariaDB database, ANALYZE TABLE command is now run for all the tables at the site start up.
AN-217357 - Low
For Appian Cloud MariaDB database, transaction isolation level has been set to read-committed for phpMyAdmin connections.
AN-202061 - Low
Fixed an issue with interface data field errors where users were instructed to use an invalid date format.
Security Updates - Low
AN-220626 - Medium
The property conf.monitoring.rdbms.SLOW_QUERY_THRESHOLD_MS in custom.properties can now be set permanently on Appian Cloud environments via an Appian Support case. This property configures the threshold value (in milliseconds) that logs a slow query operation by data store.
AN-220114 - Medium
Process deletion now uses memory more efficiently. Prior to this fix, deleting a large number of processes would cause high heap memory utilization.
AN-219912 - Medium
Appian Cloud now uses the 42.5.1 version of the JDBC Driver for PostgreSQL Database.
Security Updates - Critical
AN-220177 - Medium
Security Improvements
AN-219995 - High
Security Improvement
AN-218784 - Low
MariaDB database in Appian Cloud received a minor version upgrade to 10.6.11
Security Updates - Critical
AN-218553 - Medium
Add log messages in the application server log for when the record data source configuration is invalid to aid in troubleshooting.
AN-217700 - Medium
Fixed an issue that caused intermittent "Cannot read properties of null (reading 'getIn')" errors during user site interaction.
Security Updates - Critical
AN-218220 - High
Fixed an issue that prevented MariaDB from starting up on a distributed topology Appian Cloud environment with database encryption enabled.
AN-215914 - Low
Security Improvement
Security Updates - Critical
AN-217611 - High
Increases the connection pool for ADS queries
AN-213666 - High
Upgrade SnakeYAML Library
AN-214213 - Medium
Upgraded OpenPDF from version 1.3.26 to 1.3.30 to provide support for additional encryption types.
AN-216864 - Low
Fixed an issue where decimals contained in a Record Type are converted to text when exported to Excel.
Security Updates - Critical
AN-217565 - Critical
Security Improvement
AN-212451 - Critical
Removed the Apache Xalan Java library. If you have developed any plug-ins that depend on Apache Xalan, you will need to update them to remove or replace the use of this library. If you don't update them, they will stop working when plug-in users upgrade.
AN-214120 - Medium
For Appian Cloud database, fixed an issue with slow_log table that prevented sites from starting up.
Security Updates - Critical
AN-215833 - Medium
Security Improvement
AN-212724 - Low
Upgrade Tika Library
Security Updates - High
AN-215834 - Medium
Security Improvement
AN-212567 - Medium
For the Appian Cloud database, the definer of a database event no longer resets to default after a database failover.
Security Updates - High
AN-213756 - High
MariaDB database in Appian Cloud received a minor version upgrade to 10.6.9
AN-214491 - Medium
Execute stored procedure smart service and functions now correctly call the referred admin console data source even if a Tomcat data source with the same name exists in the environment. The behavior introduced by this hotfix can be reverted via a Support case if desired.
AN-214461 - Medium
Fixed an issue where Start and Stop script permissions were incorrectly set after applying a hotfix.
AN-214013 - Medium
Fixed an issue which prevented example images from components, patterns, and templates from working in portals.
AN-212535 - Medium
Fixed an issue where file uploads freeze when a file upload component is embedded in an editable grid.
AN-211737 - Medium
Fixed an issue that was causing validation and execution delays for customers using a MySQL data source alongside one of the following: the Execute Stored Procedure Smart Service, the a!executeStoredProcedureOnSave function, or the a!executeStoredProcedureForQuery function.
AN-210227 - Medium
Updated the change-paths.bat script logs to include values for notesOldPath and notesNewPath.
AN-212006 - Low
For the Appian Cloud MariaDB database, the default threshold for slow queries logged in AppianProcess.slow_log view has been changed from 2 seconds to 7 seconds in order to reduce noise in the log.
AN-210656 - Low
Fixed an issue that caused the Appian execute stored procedure functions to use Tomcat/XML defined data sources, when a data source with the same name was defined in the Admin Console.
AN-209500 - Low
Fixed an issue in which some cleanup tasks were not performed when a sync failed, causing a status of "Running" for that attempt with no completion recorded.
AN-210242 - High
Upgrade Jetty Library
AN-213319 - Medium
Fixed an issue in Kafka topicRecovery script which could lead to topics not having an assigned leader.
AN-213085 - Medium
Fixed an issue that led to execution errors for customers utilizing a SQL Server data source alongside one of the following: the Execute Stored Procedure Smart Service, the a!executeStoredProcedureOnSave expression function, or the a!executeStoredProcedureForQuery system function.
AN-212443 - Medium
Fixed an issue where Start and Stop script permissions were incorrectly set after applying a hotfix.
AN-187367 - Low
A bug was identified that caused the recipients email header to be blank in outbound emails, which caused Appian-generated notifications to be routed to spam occasionally. The recipients header is now populated for all outbound emails.
Security Updates - High
AN-210621 - High
Improve ADS connection pool error handling
AN-212086 - Medium
Fixed an issue where embedded Google Maps display an error when "View Larger Map" is clicked.
AN-211829 - Low
The read-only grid now uses the proper decimal separator according to the user's locale when displaying decimal numbers in grid cells.
Security Updates - High
AN-211615 - High
Upgrade OkHttp Library
AN-213051 - Medium
For Appian Cloud database, fixed an issue that prevented Database Administrators from editing and exporting stored procedures from phpMyAdmin.
AN-208653 - Medium
Fixed an issue where related actions that were defined by an expression with a relationship reference were causing an error in a!gridField()
AN-202701 - Medium
Fixed an issue where exiting out of a file upload component prior to upload completion causes the interface to break due to a null pointer exception.
AN-191159 - Low
Upgraded the Salesforce Connected System component REST API from version 44.0 to 52.0. API version 52.0 is backwards compatible with previous versions.
Security Updates - Critical
AN-212519 - Medium
Fixed an issue that resulted in intermittent "Cannot read properties of null (reading 'getIn')" errors when entering information into an interface textField.
AN-210326 - Medium
Viewing dependents of record type fields will now properly display application objects directly when they are referenced through a relationship.
AN-167569 - Low
Fixed an issue that introduced unnecessary log pollution and degraded the collection of Record Response Time metrics.
Security Updates - Critical
AN-210950 - Medium
Upgraded AWS Machine Learning Library
AN-209146 - Medium
Upgraded Bouncy Castle Library
AN-212000 - Low
Add a retry to ensure kafka is ready for ADS startup
Security Updates - Medium
AN-212011 - Critical
Fixed an issue that caused a discrepancy between the Process Execution and Process Analytics Engines resulting in intermittent bugs in Process Reports.
AN-206660 - Medium
Viewing dependents of record fields and record relationships now properly include record field and relationship references that are referenced in record type constructors.
AN-203429 - Medium
Fixed an issue which sometimes caused updating security on a newly-created folder to fail due to an error.
Security Updates - Critical
AN-210979 - Medium
Fixed an issue that caused some incorrect values to be displayed in Process Reports when the data definition contained a null value.
AN-210404 - Medium
Fixed a bug that sporadically prevented Appian Data Service from starting up as a result of a race condition related to Kafka initialization.
AN-210029 - Medium
Improved data service connection pool utilization for queries against synced records.
AN-181596 - Medium
Fixed an issue which caused old versions of data types to be visible when searching for design objects using the global quick search.
AN-210084 - Low
Security Improvement
AN-209658 - Low
Fixed an issue where, when configuring a data source for a record type and selecting a connected system, the wrong connected system would sometimes display as selected in the dropdown menu.
AN-209649 - Low
Upgraded to latest AL2 base image.
Security Updates - Critical
AN-211161 - Critical
Reverted MariaDB drivers from version 2.7.6 to 2.7.2 to fix connectivity issues.
AN-210640 - High
For the Appian Cloud sites, fixed an issue with mysql.slow_log table that caused MariaDB upgrade failure.
AN-210069 - Medium
Fixed an issue where images and icons sometimes fail to render on a site after plug-in deployment.
Security Updates - High
AN-209161 - High
Improved Service Manager logging during an incomplete shutdown to include a detailed reason and steps to remediate it.
AN-209886 - Medium
For the Appian Cloud sites, fixed an issue related to the change in character set for some tables during upgrade from MariaDB 10.5 to MariaDB 10.6.
AN-209566 - Low
Fixed an issue where performance metrics for record types in the Monitor view included back-end functions.
AN-209419 - Low
The data service now properly retries failed tasks when starting up.
Security Updates - Critical
AN-210119 - Critical
Fixed an issue which caused a system error to occur when interacting with some portals
AN-209472 - High
Fixed an issue which incorrectly removed some unicode characters from the names of files that were uploaded from a portal.
AN-209656 - Medium
Users are now successfully removed from a group after being renamed if the new username does not match the criteria in the group membership rule. Prior to this fix, the user would still remain part of the group even if the username didn't follow the membership rules.
AN-209209 - Medium
For the Appian Cloud sites, improved error handling during MariaDB upgrade.
AN-208897 - Medium
Error codes are now returned by fv!error in the onError parameter of a!submitUploadedFiles.
AN-208136 - Medium
Fixed an issue with exporting a read-only grid. A null field value used in a grid column with a rich text component was causing the remaining values on that grid column to not be exported.
AN-200015 - Medium
Fixed an issue with connected system creation where when the developer chooses to create a new integration the connected system would not show as a precedent of the integration until after an initial save.
AN-209422 - Low
Fixed an issue where the record title and fields in the interface were not updating after a clicking a start process link from the record summary.
AN-192175 - Low
Updated the error handling on charts with the continuous date axis enabled.
Security Updates - Critical
AN-209505 - Critical
Fixed an issue which sometimes caused a!queryRecordType() to fail unexpectedly with an error.
Security Updates - High
AN-208465 - Medium
Portals published in Appian will now inherit your environment's primary system locale, time zone, and calendar. This may result in changes to default validation text, date formats, and number formats in your portal the next time you publish it.
AN-208464 - Low
Portals published in Appian will now inherit your environment's primary system locale, time zone, and calendar. This may result in changes to default validation text, date formats, and number formats in your portal the next time you publish it.
Security Updates - High
AN-209374 - Critical
Fixed an issue that prevented Blue Prism connected systems from being available
AN-208978 - High
Fixed an issue which sometimes caused long-running unattended process model nodes to fail unexpectedly with an error.
AN-204283 - Medium
Fixed a memory management issue when syncing records that may lead to unresponsive sites and full site outages.
AN-208464 - Low
Portals published in Appian will now inherit your environment's primary system locale, time zone, and calendar. This may result in changes to default validation text, date formats, and number formats in your portal the next time you publish it.
Security Updates - Critical
AN-209227 - High
For Appian Cloud environments, fixed an issue that prevented phpMyAdmin from being accessed.
AN-208978 - High
Fixed an issue which sometimes caused long-running unattended process model nodes to fail unexpectedly with an error.
AN-208830 - High
Fixed an issue when an unauthenticated user tried to perform a SAIL request it entered in a loop of 401 responses
AN-208781 - Medium
Fixed an issue that caused data store verification to fail with Oracle database due to unsupported character sets.
AN-205107 - Medium
Fixed an issue that caused an error when viewing the outbound deployment details for deployments which only contained database scripts or plug-ins.
Security Updates - High
AN-202654 - Medium
Fixed a race condition in Admin Console that prevented configuration changes from being saved.
AN-164454 - Medium
Improved error handling and messaging in Appian's cloud installation scripts.
Security Updates - High
AN-207398 - High
MariaDB has been upgraded to version 10.6.8 for Appian Cloud sites.
AN-208182 - Medium
Fixed an issue that prevented the Document Viewer Component from displaying its contents when opened from certain links.
AN-207716 - Medium
Fixed an issue where records-powered grids had the wrong start index on refresh when a local variable or rule input was used in the data parameter.
AN-200249 - Medium
Added a warning and a delayed start to the Appian "Stop Script" to avoid accidental cluster wide shutdown.
AN-207835 - Low
Fixed an issue that prevented the Content-Length response header from being included in some SAIL responses.
AN-206529 - Low
AppianProcess.slow_log view is now available through phpMyAdmin for database administrators to identify slow running queries in the Appian Cloud database when database encryption is not enabled. Queries taking more than 2 seconds are logged.
Security Updates - High
AN-208087 - High
Resolved an issue with the Execute Stored Procedure feature in the platform (not plugin) when used with data sources defined in the Admin console that would cause an increase in database connections instead of reusing existing ones.
AN-207465 - High
Fixed issue where the record type designer could not be opened when the source of the record type was an invalid data store entity and there is also an invalid record field within the record type.
AN-205103 - High
Added JWT Grant authentication to the DocuSign connected system in response to the pending removal of support for Basic authentication by DocuSign on October 5, 2022.
AN-204626 - High
Fixed an issue that caused multiple errors on the Application Server after upgrading to Appian 22.1. Prior to this fix, certain operations like updating the User Profile, Process Model rendering and opening an interface would not complete successfully due to an error in registering Smart Services at startup after the upgrade.
AN-208061 - Medium
Performance Improvement
AN-206002 - Medium
Fixed an issue which could lead to engines not checkpointing.
Security Updates - Critical
AN-205738 - High
Sites using Appian-hosted MySQL database are upgraded to release 5.7.38, which includes security and bug fixes. Details are available on the MySQL website (https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html)
AN-204464 - Medium
Fixed an issue that caused an unexpected dirty flag to appear in the start form of certain process models when selecting the "Skip to main content" link in the URL bar from the start form.
AN-204739 - Low
The performance of casts with record data types that occur automatically (such as passing a custom data type to a record data type rule input or vice versa) has been improved.
AN-203594 - Low
Improvements to reduce installation time of phpmyadmin.
Perform the following steps to apply the hotfix:
<APPIAN_HOME> directory.
<APPIAN_HOME> directory.
<APPIAN_HOME> directory.<APPIAN_HOME>/deployment/web.war to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.To determine if the Appian 22.1 Hotfix is deployed, open the build.info file located in <APPIAN_HOME>/conf/. The contents of this file should match the following code sample:
build.revision=882544c32f492b34afbc64ce12a54ed48544cf2e build.version=22.1.1930.0
