This page lists all the recent hotfixes for Appian 22.3.
Appian Cloud customers can refer to MyAppian to see your latest hotfix version.
For self-managed customers, all hotfixes are released as a downloadable package bimonthly, at the beginning and middle of the month. The most recent package is as of 24 May 2023.
The following issues have been recently resolved in Appian Cloud 22.3 as of the date indicated. These hotfixes will be available for self-managed customers in the next bi-monthly package.
Security Updates - Critical
AN-235114 - High
Fixed an issue that caused existing Client Credentials for Web APIs to expire after a year when new Client Credentials were generated.
AN-233537 - High
Upgrade Atlassian and Jettison Libraries
AN-234809 - Medium
Upgrading Tomcat Application Server to 9.0.x
Self-managed customers can use the following links to download and install the hotfixes package. If you are managing Appian on Kubernetes, instead of using the links below, you'll need to upgrade to the latest Appian on Kubernetes images to apply the hotfixes.
This cumulative hotfix package includes all resolved issues listed below in a single download. This hotfix is required for any Appian 22.3 installations not currently up to date with the latest hotfixes. After installing, you will be running on Appian 22.3.1035.0.
You can view your current self-managed Appian version by logging into your Appian environment as a designer or system administrator and clicking the navigation menu > About Appian.
The package resolves the following issues.
Security Updates - High
AN-234612 - High
Add new logging to better understand the problem and get to the root of it.
AN-232634 - High
Upgraded Elasticsearch to version 7.17.9.
Security Updates - Critical
AN-232003 - High
Integrations no longer fail when using TLS 1.3
AN-231369 - High
Upgraded Spring library
AN-230001 - High
Updated Clojure library
AN-226471 - High
Upgraded reload4j library
AN-231563 - Medium
Fixed an caching issue that was impacting performance.
AN-230345 - Medium
Fixed an issue with groups that have an expression defining "Visibility" where group members were being redirected to Tempo when clicking a task link in an email instead of being directed to the URL configured as the group's "User Start Page".
AN-234594 - Low
Upgrading Redisson Client
AN-234223 - Low
Fixes ADS debug logging issue.
AN-219303 - Low
Backporting metrics around design objects. low risk
Security Updates - High
AN-232228 - High
Updated Jackson Databind Library
AN-231242 - High
Upgraded Woodstox library
AN-233855 - Medium
Upgraded Spring library
AN-232037 - Low
Upgraded Liquibase to patch release v4.21.1.
AN-229296 - Low
Fixed an issue with certificate regeneration in the "Connected Environments" feature where the generated certificate was attributed to "Administrator" instead of the user who initiated the regeneration.
Security Updates - High
AN-231359 - Critical
Fixed an issue that caused intermittent "Cannot read properties of null (reading 'getIn')" errors during user site interaction.
AN-232615 - High
Security improvements
AN-229840 - Medium
Fixed an issue that caused Process Variables created from an Interface to be displayed with Type as "[Not Visible]" under Process Model Properties in the Process Modeler.
AN-233239 - Low
Better handling of exceptions thrown while processing write requests in ADS.
Security Updates - High
AN-231606 - Medium
Resolved an issue with users not getting logged out during a maintenance window.
AN-222925 - Medium
Updated google-cloud-core-http library
AN-229971 - Low
Reduced service manager shutdown time for customers managing Appian on Kubernetes.
Security Updates - High
AN-230557 - High
Some environments had access to develop and manage portals when they should not have. We've fixed the issue so that only organizations with a license to use Appian Portals have access.
AN-223083 - High
Removed xalan library
Security Updates - High
AN-230038 - High
Updates to Woodstox core asl library
AN-229036 - High
Updates to jackson core, jackson databind, and jackson annotation libraries
AN-229685 - Low
Security Improvements
Security Updates - Critical
AN-226331 - High
Update Apache commons-fileupload library
AN-229993 - Medium
For Cloud Database, increased max_input_vars value to 2000 to prevent runtime errors from occurring in phpMyAdmin.
Security Updates - Critical
AN-228321 - Medium
Error logging for the Execute Stored Procedure Smart Service has been added to the Tomcat logs.
AN-227900 - Low
Updated ADS error message to include additional information to help debug the failure.
Security Updates - High
AN-227747 - High
Updated fasterxml.jackson and google.guava
AN-227457 - High
Updated Netty Library
AN-211751 - Medium
Fixed an issue that caused processes to auto-archive by default ignoring the AUTOARCHIVE custom.property setting.
AN-221502 - Low
Improved Kafka's logging by suppressing redundant log entries.
Security Updates - Critical
CN-20152 - Critical
Unsupported non-ASCII256 header values are converted to ?
AN-227752 - Critical
Security Improvements
AN-227794 - High
Addressing an issue which caused some evaluations of rv!record to incorrectly return null when referring to a User Record type.
AN-226788 - High
Fixed an issue that could result in HA site failure when a site's primary engine becomes unavailable.
AN-220855 - High
Updated Jackson libraries
AN-227793 - Medium
Fixed a bug where generating a record action with a data type and data store would fail.
AN-226988 - Medium
Fixed an issue where grid column widths were not respected when there was no grid header label specified on the column.
AN-227422 - Low
Updated error message to be more descriptive.
Security Updates - Critical
AN-222143 - Medium
Fixed an issue where querying multiple related record type fields was evaluating a single security expression multiple times instead of one time.
AN-218002 - Medium
Appian Cloud Database now uses version 5.2.1 of phpMyAdmin.
Security Updates - High
AN-223242 - Critical
Updated jave protobuf, google cloud automl, jackson databind, google cloud core, and google cloud storage libraries within Google Connected Systems
AN-226698 - High
Security Improvements
AN-226222 - High
Security Improvement
AN-211063 - High
Removed extraneous log entries from the MirrorMaker log file to improve overall legibility.
AN-223122 - Medium
The performance for searching records-powered grids has been improved by removing fields outside the grid from the search criteria.
AN-225133 - Low
Fixed an issue that occurred when using the "in" operator in a!queryFilter to filter against a real-time custom field.
AN-222300 - Low
Configure Script now includes the ability to validate an installation.
Security Updates - High
AN-226160 - High
Security Improvement
AN-226155 - High
CVE Fixed on Jaeger Agent image
AN-224718 - Low
Add additional handling to data service delete-kafka-topic script
Security Updates - Critical
AN-225355 - Critical
The appian.feature.ae.record-access-management.set-rdbms-connector-network-timeout feature toggle and conf.recordsSync.syncRdbmsConnectionNetworkTimeoutMs property in custom.properties can now be set permanently on Appian Cloud environments via an Appian Support case. The toggle enables the timeout property to be applied and the property configures the timeout value (in milliseconds) that will be applied whenever establishing a connection to the RDBMS.
AN-225317 - High
The RDBMS networkTimeout has been turned off by default to eliminate disruptions for customers not experiencing network connection problems when communicating with their RDBMS. The default timeout has also been increased to from 30 seconds to 5 minutes when the feature toggle has been turned on.
Security Updates - Critical
AN-223680 - Medium
Fixed an issue that was causing significant delays during the checkpoint storage process.
CN-18110 - Low
Fixed an issue that prevented shutdown of the Internal Messaging Service for some high availability sites.
AN-223401 - Low
Updated the engine startup script to include logging on script invocation time and passed parameters.
AN-222592 - Low
Fixed an issue where process history replication factors were incorrect following a change in site topology from single node to high availability.
Security Updates - Critical
AN-223684 - High
Fixed an issue which prevented newly-made Google reCAPTCHA projects from working in a reCAPTCHA Connected System.
AN-223199 - High
Prevent ADS issues due to Network Latency
AN-221245 - High
Kafka Upgrade
AN-223646 - Medium
Check if ADS components are up-to-date
AN-220693 - Medium
For Appian Cloud customers who have a dedicated database node, the default range of read and write I/O threads is now set to be between 4 and the total number of CPUs on the database node divided by 2. Customers who have dedicated database nodes will experience performance improvement from this update.
AN-220449 - High
Upgraded SnakeYAML Library
AN-198434 - High
Corrected an accessibility issue with dropdowns and pickers to allow correct information about the controls to be conveyed to assistive technologies such as screen readers.
Security Updates - Low
AN-221122 - Critical
Removed references to the ConsumerConfig.addDeserializerToConfig and ProducerConfig.addSerializerToConfig methods due to deprecation in Kafka 3.3.1.
AN-222318 - Medium
Fixed an issue in Portal Forms Designer that prevented Document fields from rendering properly when opened in Microsoft Edge on IE Compatibility Mode.
AN-219648 - Medium
Viewing dependents of record fields and record relationships now properly include record field and relationship references that are referenced in record type constructors.
AN-218227 - Low
Improved ADS logging when it is run as a service.
Security Updates - Low
AN-220685 - Medium
A 30 second timeout has been added to database connections during full record type syncs to enable graceful failures and prevent syncs from becoming 'stuck' indefinitely.
AN-218961 - Low
Process models are now able to be saved using "Save As" in all supported languages.
AN-221569 - Medium
Fixed an issue that caused an error to occur in the Document Extraction reconciliation task when extracting tables from Fillable PDFs.
AN-218809 - Medium
For the Appian Cloud MariaDB database, ANALYZE TABLE command is now run for all the tables at the site start up.
AN-217357 - Low
For Appian Cloud MariaDB database, transaction isolation level has been set to read-committed for phpMyAdmin connections.
AN-202061 - Low
Fixed an issue with interface data field errors where users were instructed to use an invalid date format.
Security Updates - Medium
AN-220626 - Medium
The property conf.monitoring.rdbms.SLOW_QUERY_THRESHOLD_MS in custom.properties can now be set permanently on Appian Cloud environments via an Appian Support case. This property configures the threshold value (in milliseconds) that logs a slow query operation by data store.
AN-220114 - Medium
Process deletion now uses memory more efficiently. Prior to this fix, deleting a large number of processes would cause high heap memory utilization.
AN-219912 - Medium
Appian Cloud now uses the 42.5.1 version of the JDBC Driver for PostgreSQL Database.
Security Updates - Critical
AN-220177 - Medium
Security Improvements
AN-219995 - High
Security Improvement
AN-218784 - Low
MariaDB database in Appian Cloud received a minor version upgrade to 10.6.11
Security Updates - Critical
AN-219086 - Medium
Prevents ADS Edge Case
AN-218553 - Medium
Add log messages in the application server log for when the record data source configuration is invalid to aid in troubleshooting.
AN-217700 - Medium
Fixed an issue that caused intermittent "Cannot read properties of null (reading 'getIn')" errors during user site interaction.
AN-219665 - Low
Prevents data server edge case
AN-219453 - Low
Interfaces and expression rules generated by record actions wizard now use proper naming convention
AN-218855 - Low
Prevents ADS Edge Case
Security Updates - Critical
AN-219070 - High
Fixed an issue in the Appian 22.3 upgrade that caused certain settings on the Appian Authentication tab in the Admin Console to be reset to their default values in some cases. After upgrading to 22.3, please verify that all Appian Authentication settings are correctly set in the Admin Console.
AN-218220 - High
Fixed an issue that prevented MariaDB from starting up on a distributed topology Appian Cloud environment with database encryption enabled.
AN-217400 - High
Fixed an issue that displayed AppMarket plug-in alerts for self-managed systems.
AN-213666 - High
Upgrade SnakeYAML Library
AN-218142 - Medium
Fixed an issue where some records ran into errors when being imported to Mining Prep.
AN-216082 - Medium
Fix an issue that caused file upload failures for files with MIME types containing parameters.
AN-218847 - Low
Increase process count for the ADS docker container
AN-215914 - Low
Security Improvement
AN-190586 - Low
Kubernetes customers can change their RTS count based on a property
Security Updates - Critical
AN-217611 - High
Increases the connection pool for ADS queries
AN-215852 - Medium
Request/Response logs are now able to be created on both Windows and Unix OS machines (previously failing for Windows OS machines due to file path issue)
AN-214213 - Medium
Upgraded OpenPDF from version 1.3.26 to 1.3.30 to provide support for additional encryption types.
AN-217795 - Low
Increase ADS docker memory limits based on site instance sizes
AN-216864 - Low
Fixed an issue where decimals contained in a Record Type are converted to text when exported to Excel.
Security Updates - High
AN-215894 - Medium
Fixed an issue where data returned from a process model was formatted incorrectly when using a record data type as a process model variable, resulting in a system error message.
AN-214565 - Medium
Fixed an issue where importing a record type that referenced itself generated a duplicate version in the object's version history.
Security Updates - Critical
AN-217565 - Critical
Security Improvement
AN-212451 - Critical
Removed the Apache Xalan Java library. If you have developed any plug-ins that depend on Apache Xalan, you will need to update them to remove or replace the use of this library. If you don't update them, they will stop working when plug-in users upgrade.
AN-217004 - Medium
Fixed an issue in the Admin Console where viewing the locations of plug-in dependents caused the "Dependents" dialog to become empty.
AN-214120 - Medium
For Appian Cloud database, fixed an issue with slow_log table that prevented sites from starting up.
Security Updates - Critical
AN-215833 - Medium
Security Improvement
AN-212724 - Low
Upgrade Tika Library
Security Updates - High
AN-215834 - Medium
Security Improvement
AN-212567 - Medium
For the Appian Cloud database, the definer of a database event no longer resets to default after a database failover.
Security Updates - High
AN-215827 - High
Fixed an issue caused by the new Jakarta Mail library that resulted in emails sent by processes to drop their attachment extensions.
Security Updates - High
AN-214491 - Medium
Execute stored procedure smart service and functions now correctly call the referred admin console data source even if a Tomcat data source with the same name exists in the environment. The behavior introduced by this hotfix can be reverted via a Support case if desired.
AN-214461 - Medium
Fixed an issue where Start and Stop script permissions were incorrectly set after applying a hotfix.
AN-212535 - Medium
Fixed an issue where file uploads freeze when a file upload component is embedded in an editable grid.
AN-209448 - Medium
The performance of a!update() function when used with record data types has been improved to more closely align with its performance when used with CDTs or maps.
Security Updates - Medium
AN-214528 - High
Fixed an issue where timestamps appear incorrectly in the Applications view when the environment is set to certain locale and calendar configurations.
AN-214003 - High
Updated internal APIs to support UTF-8 encoding for Mining Appian features
AN-214013 - Medium
Fixed an issue which prevented example images from components, patterns, and templates from working in portals.
AN-213974 - Medium
Working hours are now correctly set in the Process Calendar when the Start Time is set to 12:00 AM. Prior to this fix, setting the Start Time for a Calendar day to 12:00 AM would mark the day as a Nonworking day.
AN-213756 - Medium
MariaDB database in Appian Cloud received a minor version upgrade to 10.6.9
AN-211737 - Medium
Fixed an issue that was causing validation and execution delays for customers using a MySQL data source alongside one of the following: the Execute Stored Procedure Smart Service, the a!executeStoredProcedureOnSave function, or the a!executeStoredProcedureForQuery function.
AN-210227 - Medium
Updated the change-paths.bat script logs to include values for notesOldPath and notesNewPath.
AN-212006 - Low
For the Appian Cloud MariaDB database, the default threshold for slow queries logged in AppianProcess.slow_log view has been changed from 2 seconds to 7 seconds in order to reduce noise in the log.
AN-215174 - Critical
Fixes Jakarta mail dependency conflict for app market plugins.
AN-210242 - High
Upgrade Jetty Library
AN-213896 - Medium
Fixed an issue that caused an error in the Applications view if an application had no last modified timestamp.
AN-213319 - Medium
Fixed an issue in Kafka topicRecovery script which could lead to topics not having an assigned leader.
AN-213085 - Medium
Fixed an issue that led to execution errors for customers utilizing a SQL Server data source alongside one of the following: the Execute Stored Procedure Smart Service, the a!executeStoredProcedureOnSave expression function, or the a!executeStoredProcedureForQuery system function.
AN-212443 - Medium
Fixed an issue where Start and Stop script permissions were incorrectly set after applying a hotfix.
AN-187367 - Low
A bug was identified that caused the recipients email header to be blank in outbound emails, which caused Appian-generated notifications to be routed to spam occasionally. The recipients header is now populated for all outbound emails.
Security Updates - Critical
AN-213231 - High
Record smart service (a!writeRecords, a!deleteRecords, and a!syncRecords) calls no longer throw an internal server error when used in Appian Web APIs.
AN-210621 - High
Improve ADS connection pool error handling
AN-213005 - High
Fixed an issue with record type process variable list that prevented saving a single record type in its related record.
AN-212086 - Medium
Fixed an issue where embedded Google Maps display an error when "View Larger Map" is clicked.
AN-211829 - Low
The read-only grid now uses the proper decimal separator according to the user's locale when displaying decimal numbers in grid cells.
Security Updates - High
AN-213051 - Medium
For Appian Cloud database, fixed an issue that prevented Database Administrators from editing and exporting stored procedures from phpMyAdmin.
AN-208653 - Medium
Fixed an issue where related actions that were defined by an expression with a relationship reference were causing an error in a!gridField()
AN-202701 - Medium
Fixed an issue where exiting out of a file upload component prior to upload completion causes the interface to break due to a null pointer exception.
AN-191159 - Low
Upgraded the Salesforce Connected System component REST API from version 44.0 to 52.0. API version 52.0 is backwards compatible with previous versions.
Security Updates - Critical
AN-212519 - Medium
Fixed an issue that resulted in intermittent "Cannot read properties of null (reading 'getIn')" errors when entering information into an interface textField.
AN-212268 - Medium
Fixed an issue that caused an error while opening a task in which the rule input is mapped to a process variable which is a list of Record Types.
AN-211603 - Medium
Fixed an issue within the pickerFieldGroups component that was causing both users and groups to be displayed in the results dropdown.
AN-210951 - Medium
Fixed an issue that prevented the entire history of a process to be displayed in the Process Modeler and under Process Activity in the Monitoring View.
AN-210326 - Medium
Viewing dependents of record type fields will now properly display application objects directly when they are referenced through a relationship.
AN-212000 - Low
Add a retry to ensure kafka is ready for ADS startup
AN-167569 - Low
Fixed an issue that introduced unnecessary log pollution and degraded the collection of Record Response Time metrics.
Security Updates - Critical
AN-212011 - Critical
Fixed an issue that caused a discrepancy between the Process Execution and Process Analytics Engines resulting in intermittent bugs in Process Reports.
AN-212209 - Medium
Show Objects no longer shows duplicate banners when a record action activity chains into another form.
AN-212208 - Medium
Fixed an issue that obscured Show Objects labels for interfaces using a!headerContentLayout or a!contentLayout.
AN-212207 - Medium
Fixed an issue that obscured Show Objects labels on record views with fixed headers.
AN-212206 - Medium
Fixed an issue that obscured Show Objects labels on record actions with fixed headers.
AN-210950 - Medium
Upgraded AWS Machine Learning Library
AN-209146 - Medium
Upgraded Bouncy Castle Library
AN-206660 - Medium
Viewing dependents of record fields and record relationships now properly include record field and relationship references that are referenced in record type constructors.
AN-203429 - Medium
Fixed an issue which sometimes caused updating security on a newly-created folder to fail due to an error.
Security Updates - Critical
AN-211161 - Critical
Reverted MariaDB drivers from version 2.7.6 to 2.7.2 to fix connectivity issues.
AN-210640 - High
For the Appian Cloud sites, fixed an issue with mysql.slow_log table that caused MariaDB upgrade failure.
AN-210469 - High
Fixed an issue with Task Metric functions that caused certain values in a process report to appear as null.
AN-208572 - High
Fixed an issue where a process model was not being shown as a dependent of a record type where the record type reference was only made in an expression, such as the process display name or a script task node.
AN-210979 - Medium
Fixed an issue that caused some incorrect values to be displayed in Process Reports when the data definition contained a null value.
AN-210404 - Medium
Fixed a bug that sporadically prevented Appian Data Service from starting up as a result of a race condition related to Kafka initialization.
AN-210069 - Medium
Fixed an issue where images and icons sometimes fail to render on a site after plug-in deployment.
AN-210029 - Medium
Improved data service connection pool utilization for queries against synced records.
AN-181596 - Medium
Fixed an issue which caused old versions of data types to be visible when searching for design objects using the global quick search.
AN-210656 - Low
Fixed an issue that caused the Appian execute stored procedure functions to use Tomcat/XML defined data sources, when a data source with the same name was defined in the Admin Console.
AN-210084 - Low
Security Improvement
AN-209658 - Low
Fixed an issue where, when configuring a data source for a record type and selecting a connected system, the wrong connected system would sometimes display as selected in the dropdown menu.
AN-209649 - Low
Upgraded to latest AL2 base image.
Security Updates - Critical
AN-209505 - Critical
Fixed an issue which sometimes caused a!queryRecordType() to fail unexpectedly with an error.
AN-209374 - Critical
Fixed an issue that prevented Blue Prism connected systems from being available
AN-209227 - High
For Appian Cloud environments, fixed an issue that prevented phpMyAdmin from being accessed.
AN-209161 - High
Improved Service Manager logging during an incomplete shutdown to include a detailed reason and steps to remediate it.
AN-208978 - High
Fixed an issue which sometimes caused long-running unattended process model nodes to fail unexpectedly with an error.
AN-208852 - High
Fixed an issue where reverting to a historical version of a record type automatically enabled all related action shortcuts in the views for that record type.
AN-209886 - Medium
For the Appian Cloud sites, fixed an issue related to the change in character set for some tables during upgrade from MariaDB 10.5 to MariaDB 10.6.
AN-209656 - Medium
Users are now successfully removed from a group after being renamed if the new username does not match the criteria in the group membership rule. Prior to this fix, the user would still remain part of the group even if the username didn't follow the membership rules.
AN-209209 - Medium
For the Appian Cloud sites, improved error handling during MariaDB upgrade.
AN-208781 - Medium
Fixed an issue that caused data store verification to fail with Oracle database due to unsupported character sets.
AN-208465 - Medium
Portals published in Appian will now inherit your environment's primary system locale, time zone, and calendar. This may result in changes to default validation text, date formats, and number formats in your portal the next time you publish it.
AN-208136 - Medium
Fixed an issue with exporting a read-only grid. A null field value used in a grid column with a rich text component was causing the remaining values on that grid column to not be exported.
AN-204283 - Medium
Fixed a memory management issue when syncing records that may lead to unresponsive sites and full site outages.
AN-200015 - Medium
Fixed an issue with connected system creation where when the developer chooses to create a new integration the connected system would not show as a precedent of the integration until after an initial save.
AN-209577 - Low
Fixed an issue that was causing errors with DocuSigns' "Download Document from an Envelope" operation when configured using JWT Grant authentication.
AN-209566 - Low
Fixed an issue where performance metrics for record types in the Monitor view included back-end functions.
AN-209422 - Low
Fixed an issue where the record title and fields in the interface were not updating after a clicking a start process link from the record summary.
AN-209419 - Low
The data service now properly retries failed tasks when starting up.
AN-209065 - Low
Fixed an issue where site object names displayed in the navigation menu, instead of dynamic display names.
AN-209020 - Low
Fixed an issue where objects at the bottom of the pane were getting hidden by the collapse/expand button.
AN-208464 - Low
Portals published in Appian will now inherit your environment's primary system locale, time zone, and calendar. This may result in changes to default validation text, date formats, and number formats in your portal the next time you publish it.
AN-192175 - Low
Updated the error handling on charts with the continuous date axis enabled.
Perform the following steps to apply the hotfix:
<APPIAN_HOME> directory.
<APPIAN_HOME> directory.
<APPIAN_HOME> directory.<APPIAN_HOME>/deployment/web.war to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.To determine if the Appian 22.3 Hotfix is deployed, open the build.info file located in <APPIAN_HOME>/conf/. The contents of this file should match the following code sample:
build.revision=b33b3099210614c81232bef3981372affd7162d4 build.version=22.3.1035.0
