This page lists all the recent hotfixes for Appian 23.4.

Hotfix package (11 Jul 2024)

Self-managed customers can use the following links to download and install the hotfixes package. If you are managing Appian on Kubernetes, instead of using the links below, you'll need to upgrade to the latest Appian on Kubernetes images to apply the hotfixes.

• Hotfix package 23.4.885.0
• Installation instructions

This cumulative hotfix package includes all resolved issues listed below in a single download. This hotfix is required for any Appian 23.4 installations not currently up to date with the latest hotfixes. After installing, you will be running on Appian 23.4.885.0.

You can view your current self-managed Appian version by logging into your Appian environment as a designer or system administrator and clicking the navigation menu > About Appian.

The package resolves the following issues.

23.4.885.0 (11 Jul 2024)

• Security Updates - Critical

• AN-282655 - Medium
  JWT expiration and refresh time has been updated properly.

• AN-283427 - Medium
  Increased timeout for smart service syncs to prevent record type invalidation when full syncs occur at the same time.

23.4.875.0 (06 Jul 2024)

• Security Updates - Medium

• AN-282192 - High
  Fixed an issue that caused Appian instances to fail to start when the HTTP Proxy credentials can not be decrypted.

• AN-265640 - Medium
  Upgraded commons-compress,commons-io and commons-lang3

• AN-277303 - Medium
  Fixes an issue where Zookeeper configurations are missing for self-managed customers.

• AN-282246 - Medium
  Fixed an issue where in some cases tasks were incorrectly assigned.

23.4.865.0 (28 Jun 2024)

• Security Updates - High

• AN-278708 - High
  Fixed an issue that caused AI Skill smart services to hang indefinitely, exhausting the thread pool and causing failures in smart service executions.

• AN-279466 - High
  Fixed an issue where the search server consumes half of the available memory of an instance by default after an upgrade. The default maximum size of the total heap space used by the search server is now set at 1 GB.

• AN-277954 - Low
  Fixed and issue where engine directories were not being created during installation.

23.4.850.0 (21 Jun 2024)

• Security Updates - High

• AN-242202 - High
  Upgraded Jackson databind in master and maint branches and Disabled jetifier flag in maint branches

23.4.830.0 (13 Jun 2024)

• Security Updates - High

• AN-271778 - High
  Updates to the Spring library version

• AN-278947 - High
  Fixed an issue that could cause the process modeler to not load for self-managed customers.

23.4.815.0 (06 Jun 2024)

• Security Updates - High

• AN-266898 - High
  Upgraded Clojure version to 1.12.0-alpha8

• AN-278415 - High
  Fixed an issue that caused a subset of columns in the records metrics log files to be reported incorrectly.

23.4.795.0 (31 May 2024)

• Security Updates - High

• AN-277857 - Critical
  changes the directory permission from root to appian for /usr/local/appian/local-data/rpa-data/tomcat8

• AN-271393 - Medium
  None

23.4.775.0 (24 May 2024)

• Security Updates - High

• AN-276098 - Medium
  Improved the query for fetching design objects.

• AN-276266 - Low
  Cleaned up the Service Manager logs from redundant messaging regarding the new Java 17 use.

23.4.760.0 (17 May 2024)

• Security Updates - High

• AN-274533 - High
  Fixed issue where sync failed with error 'specified branch timed out' during sync operations.

• AN-274920 - Medium
  Resolved an issue with Redis that was displaying Redis client 500 errors.

23.4.735.0 (09 May 2024)

• Security Updates - High

23.4.715.0 (02 May 2024)

• Security Updates - High

• AN-274238 - Medium
  Fixed an issue when trying to force logouts of user sessions.

23.4.695.0 (25 Apr 2024)

• Security Updates - High

• AN-272222 - High
  Improves the UI performance of the Reconcile Document Extraction task.

23.4.670.0 (18 Apr 2024)

• Security Updates - High

• AN-270962 - High
  Resolved a startup failure issue on single-node sites when enabling the Enhanced Data Pipeline - Business Data Replication feature.

• AN-266346 - Medium
  Apache Kafka upgrade to 3.7.0

• AN-270014 - Medium
  Search Server (Elasticsearch) is now upgraded to version 7.17.19.

• AN-270706 - Low
  Changing Locale will now update all translations upon page refresh.

23.4.650.0 (11 Apr 2024)

• Security Updates - High

23.4.630.0 (04 Apr 2024)

• Security Updates - High

• AN-269222 - Medium
  Fixed an issue that resulted in discrepancy in sizes of certain Knowledge Centers and Folders. Prior to this fix, certain Knowledge Centers and Folders displayed incorrect sizes after deletion of documents.

23.4.610.0 (28 Mar 2024)

• Security Updates - High

• AN-266118 - High
  Fixed an issue that prevented loading Data Fabric Analytics when using Microsoft SQL Server 2016 for the Appian data source.

• AN-268360 - Medium
  Fixed an issue in the real-time store that caused synced record queries to fail unexpectedly on rare occasions.

23.4.585.0 (21 Mar 2024)

• Security Updates - High

• AN-267205 - Medium
  We now allow customers to specify which region should be used by all private AI features when their environment is located outside of a supported region. Customers can request this change via Appian support.

• AN-265165 - Low
  Fixed an issues where engine process metrics were not properly collected.

23.4.565.0 (14 Mar 2024)

• Security Updates - Medium

• AN-261813 - High
  Resolved an issue to prevent cloud database replication failure in the HA configuration by setting the value of the slave_parallel_mode variable to conservative.

• AN-267042 - Medium
  Fixed an issue (in 23.4 only) where a dependent interface of a translation string became inaccessible if that string was deleted.

• AN-267576 - Medium
  Fixed issue where sync failed with error 'specified branch timed out' during sync operations.

23.4.551.0 (07 Mar 2024)

• Security Updates - Medium

• AN-259725 - High
  Upgraded ion-java library

• AN-259860 - High
  Updated grpc library

• AN-267026 - High
  Hotfix was added to AE 24.1 and AE 23.4

23.4.520.0 (28 Feb 2024)

• Security Updates - Medium

• AN-259435 - High
  Removal of special characters (non alpha numeric) from the exception REST API response

23.4.500.0 (22 Feb 2024)

• Security Updates - High

• AN-244356 - High
  Upgraded Jackson Core , Databind and Annotations in Dynamics and Sharepoint Connected Systems

• AN-262624 - High
  Performance optimization for development environments related to type and rule updates.

• AN-264450 - High
  Resolved an issue where phpMyAdmin failed to automatically log in users when a special character was set in the company.name site property.

• AN-260985 - Medium
  Fixed an issue where in rare cases file uploads would fail with a 401 error on embedded forms.

• AN-261897 - Medium
  Fixed an issue which caused infrequent synced record type outages due to data service write failures.

23.4.480.0 (15 Feb 2024)

• Security Updates - Critical

• AN-262972 - Critical
  Implemented cache to improve translation string evaluation performance

• AN-257532 - Medium
  Security Improvement

• AN-258702 - Medium
  Fixed an issue that caused embedded Appian to break for 1% of Google Chrome users, following a recent change by Google.

• AN-262858 - Medium
  Interfaces with component plugins (like the Rich Text Editor plugin) now load faster, especially when there are multiple on the same page.

23.4.460.0 (08 Feb 2024)

• Security Updates - Critical

• AN-262105 - High
  Performance improvements for interfaces that use record references.

• AN-263504 - High
  Production release of AMP stratus log streaming migration

• AN-248734 - Medium
  This fixes the issue for the ability to save a salesforce integration with large payloads over> 200KB using a Salesforce Connected System

• AN-261224 - Medium
  Fixed an issue where a!queryRecordType() and a!queryRecordByIdentifer() were sometimes causing slowness in portals.

23.4.440.0 (02 Feb 2024)

• Security Updates - High

• AN-262105 - High
  Performance improvements for interfaces that use record references.

• AN-259485 - Medium
  Fixed an issue that prevented rendering of dropdown and multiple dropdown components with null or empty values.

• AN-261480 - Medium
  Resolved an issue where the phpMyAdmin banner color was not properly displayed based on the configuration.

23.4.415.0 (26 Jan 2024)

• Security Updates - Medium

• AN-255134 - Medium
  Update to the "AI Services" translation for multiple locales.

23.4.395.0 (19 Jan 2024)

• Security Updates - High

• AN-255863 - Medium
  Upgraded jackson databind in blueprism connected system

• AN-259083 - Medium
  Fixed an issue that caused record action submissions to lead to unresponsive user interfaces in rare scenarios.

• AN-259099 - Medium
  The ability to store and view attachments on a process was deprecated in the low-code platform version 16.3, and has now been removed from platform versions later than 21.4. This change fixes an issue hampering the opening of Portlet dialogs caused by this removal.

• AN-259639 - Medium
  Fixed a bug that prevented log in and password reset for SSO users.

• AN-257760 - Low
  Resolved a user interface issue affecting the Execute Stored Procedure Smart Service within the upgrade to version 23.4. Prior to the fix, the newly introduced Auto-commit node input parameter was incorrectly displayed in the Outputs section for any existing nodes created before version 23.4. To use the Auto-commit parameter, you will need to replace the existing nodes with new ones within your process model.

23.4.377.0 (17 Jan 2024)

• AN-259639 - Medium
  Fixed a bug that prevented log in and password reset for SSO users.

23.4.376.0 (12 Jan 2024)

• Security Updates - Medium

• AN-257820 - High
  Fixed an issue that caused the failure of converting the default character set of Appian metadata schema in the cloud database to utf8mb4 due to string-based foreign keys.

• AN-258464 - High
  Fixed an issue that caused rare failures in data service background operations when running on a Windows operating system.

• AN-255864 - Medium
  Upgraded jackson libraries in salesforce-multi

• AN-258199 - Medium
  Fixed an issue which prevented certain deactivated users from being reactivated on sign in. Before this fix, deactivated users with rule based membership could not be reactivated through SAML automatically.

• AN-256587 - Low
  The ability to store and view attachments on a process was deprecated in the low-code platform version 16.3, and has now been removed from platform versions later than 21.4.

• AN-257870 - Low
  Fixed an upgrade issue where existing SQL integration objects, created with a Custom JDBC Connected System, returned an error after the site upgrade.

23.4.350.0 (05 Jan 2024)

• Security Updates - High

• AN-255692 - High
  Updated grpc, google cloud, jackson databind, jackson annotations and jackson core libraries

• AN-246050 - Medium
  Fixed an issue where product areas supported in IE Mode 11 of Edge were not working

• AN-245877 - Low
  Set entity expansion limit to 100 for XML for import export functionality

23.4.325.0 (21 Dec 2023)

• Security Updates - Critical

• AN-190829 - High
  Fixed screen reader instructions for picker components to indicate keyboard actions.

• AN-250667 - High
  Fixed accessibility issue where screen reader did not announce the number of items in a grid when the user updated any filters or searched for any particular items.

• AN-255285 - High
  Added new debug logging to help troubleshoot an issue where a!queryRecordType() returned null when placed inside a!dataSubset().

• AN-253349 - Medium
  Improved throttling mechanism for parallel thread creation and associated observability

• AN-255440 - Medium
  Upgraded the Appian Cloud database to MariaDB 10.6.16 to resolve a security vulnerability (CVE-2023-22084).

• AN-252629 - Low
  Fixed an issue that caused requests to the data service to timeout during recovery from component failure.

• AN-255978 - Low
  Fixed an issue where record view and action security rules using constants were not properly imported when the data model on the record type also changed. This caused the record views and actions to not properly display after import.

23.4.300.0 (14 Dec 2023)

• Security Updates - High

• AN-255270 - High
  Updated Jetty library to version 9.4.53.v20231009.

• AN-255533 - High
  Search Server (Elasticsearch) is now upgraded to version 7.17.15.

• AN-256853 - High
  loggedInUser() now functions as expected when used in rule inputs on Site pages.

• AN-255482 - Medium
  Updated xmlsec library to version 2.2.6

23.4.280.0 (07 Dec 2023)

• Security Updates - High

• AN-255429 - Medium
  Robotic task executions that have been queued for over 5 hours now return results back to the process model node.

23.4.265.0 (30 Nov 2023)

• Security Updates - Critical

• AN-251917 - Critical
  Updated ActiveMq library

• AN-252551 - High
  Appian Designer no longer hangs if the AI Skill service returns a bad response.

• AN-253921 - High
  Fixed an issue in the reconcile task that caused incorrect values to be highlighted in the document viewer when clicking into a field in the left-pane.

• AN-254506 - High
  Fixed an issue in the reconciliation task that prevented the appropriate icon from appearing for automatically extracted checkbox and table fields.

• CN-25284 - High
  Fixed and issue with session management for Appian Cloud.

• AN-252472 - Medium
  Fixed an issue where Health Check would time out for large customers.

• AN-253549 - Medium
  Fixed an issue where interfaces created from generating record actions used a previous version of the button component.

• AN-253495 - Low
  Fixed an issue that prevented users from changing the application for documents created from the site object.

• AN-254029 - Low
  Security Improvements

• AN-254105 - Low
  Timestamps in the Operations Console now correctly display in user's timezone.

23.4.222.0 (17 Nov 2023)

• AN-254031 - High
  Resolved an issue with High Availability Appian Cloud sites not being able to deactivate users.

23.4.221.0 (17 Nov 2023)

• Security Updates - Critical

• AN-251762 - High
  Reduces the volume of logs generated by certain long-running evaluations.

• AN-249920 - Medium
  Fixed an issue that prevented the slow log of the cloud database from being persisted on disk when restarting a site.

• AN-251203 - Medium
  Added two custom properties which control retry behavior in the event the underlying database update or insert statement encounters a deadlock as part of a Write Records transaction.

23.4.210.0 (10 Nov 2023)

• Security Updates - Critical

• AN-250737 - High
  Updates to google cloud, google cloud storage, jackson-databind, and grpc libraries within the Google Cloud Connected Systems

• AN-247653 - Medium
  Fixed a Bug in xpathsnippet and xpathdocument function causing xpath issues when parsing xmls which have same namespace prefix pointing to different URIs.In 23.2 fixed issues to support the local-name xpath function.

23.4.180.0 (02 Nov 2023)

• Security Updates - Critical

• AN-245003 - High
  Fixed an issue that prevented some documents from being rendered properly in the reconciliation task when opening the task from a record action or the process modeler debug view.

• AN-249578 - Medium
  Fixed an issue that caused a migration in the execution engine to fail due to certain work items, preventing the upgrade to Appian 22.4 and later versions.

23.4.155.0 (26 Oct 2023)

• Security Updates - Critical

• AN-244869 - Critical
  Delay the Primary Key Enforcement feature roll-out for new cloud sites using MariaDB as the business data source to a future release.

• AN-241658 - High
  Fixed an issue where in some cases xpathsnippet() would return an error

• AN-248677 - High
  Fixed an issue where the validation for sequence increment values failed when the primary key of an Oracle Data Store was configured to automatically increment a sequence value greater than one. This issue pertains to customers who are upgrading to version 22.4 or later. You have the option to enable conf.data.hibernate.sequence.ignoreIncrement.enabled site property in the custom.properties to bypass this validation.

• AN-250045 - High
  Fixed display of HTML elements as text in rich text editor for Send-Email body node in Process Model

• AN-251116 - High
  Fixed an issues where logs were not rotating.

• AN-239336 - Medium
  Fixed an issue where a small number of RDBMS audit log events were intermittently not being streamed to customers during log rotation.

• AN-244149 - Medium
  Fixed an issue to ensure consistent error handling behavior between platform versions when using the @Version annotation in a CDT XSD to prevent lost update anomalies.

• AN-249103 - Medium
  Fixed an issue that caused unnecessary processing time for some synced records queries that use Record-Level Security or apply filters within a logical expression using the "OR" operator.

• AN-243892 - Low
  Fixed an issue that was causing users to encounter error code 500 when trying to access the cloud database through phpMyAdmin.

• AN-248145 - Low
  The memory limit applied to user interfaces throughout Appian is now configurable by Appian Support and will be persisted after a site restart.

23.4.105.0 (13 Oct 2023)

• Security Updates - Critical

• AN-244869 - Critical
  Delay the Primary Key Enforcement feature roll-out for new cloud sites using MariaDB as the business data source to a future release.

• AN-248369 - Critical
  Fixed an issue where HTTP integrations using Google Service Account authentication didn't respect the HTTP proxy configuration

• AN-241658 - High
  Fixed an issue where in some cases xpathsnippet() would return an error

• AN-246311 - High
  Updated third party libraries

• AN-248677 - High
  Fixed an issue where the validation for sequence increment values failed when the primary key of an Oracle Data Store was configured to automatically increment a sequence value greater than one. This issue pertains to customers who are upgrading to version 22.4 or later. You have the option to enable conf.data.hibernate.sequence.ignoreIncrement.enabled site property in the custom.properties to bypass this validation.

• AN-248721 - High
  Fixed issue where process models could not be saved if HTML decoding in the message Body of the Send Email node occurred

• AN-239336 - Medium
  Fixed an issue where a small number of RDBMS audit log events were intermittently not being streamed to customers during log rotation.

• AN-244149 - Medium
  Fixed an issue to ensure consistent error handling behavior between platform versions when using the @Version annotation in a CDT XSD to prevent lost update anomalies.

• AN-247518 - Medium
  Fixed issue where process node evaluation could trigger the Memory Circuit Breaker

• AN-248874 - Medium
  Robotic tasks and robot pools are now able to run on VPN-only environments.

• AN-248145 - Low
  The memory limit applied to user interfaces throughout Appian is now configurable by Appian Support and will be persisted after a site restart.

Installation

Perform the following steps to apply the hotfix:

1. Stop Appian. See Starting and Stopping Appian for detailed instructions:
   1. Shut down the application server.
   2. Shut down the search server.
   3. Shut down the data server.
   4. Shutdown all Appian Engines, ensuring that the engines are checkpointed upon shutdown.
2. Back up your existing Appian instance. See Backing Up Your Existing Appian Instance.
3. Unzip the contents of the Hotfix package 23.4.885.0 into your <APPIAN_HOME> directory.
4. Run the deleteFiles script (deleteFiles.bat on Windows, deleteFiles.sh on Linux) that is now located in your <APPIAN_HOME> directory.
   • If the script reports that some files were not deleted, address the reason for the failure (common causes listed below), and run it again until it no longer reports failed deletions.
   • Common causes of failed file deletion include:
   • The file is open in another window or process
   • The file is locked
   • You do not have permission to delete the file
5. Unzip the contents of the updates.zip archive that is now located your <APPIAN_HOME> directory.
6. Run the installJdk script (installJdk.bat on Windows, installJdk.sh on Linux).
7. If you maintain customized or overridden Spring Security .xml files, merge them with the associated base files in the /deployment/web.war/WEB-INF/conf/security/ directory.
8. Delete the following files:
   Linux
   • deleteFiles.sh
   • installjdk script.sh
   • OpenJDK8U-jdk_x64linux_hotspot.tar.gz
   • updates.zip

   Windows

   • deleteFiles.bat
   • installjdk script.bat
   • OpenJDK8U-jdk_x64windows_hotspot.zip
   • updates.zip
9. If you are using a Web server, copy the content of <APPIAN_HOME>/deployment/web.war to the folder where the Web server is getting the static resources. See Copy Static Resources to the Web Server for more information.
10. Run the configure script to deploy your environment's configuration and re-configure any node names previously set by the configure script tools.
11. Start Appian:
    1. Start the Appian Engines.
    2. Start the data server.
    3. Start the search server.
    4. Start the application server.

To determine if the Appian 23.4 Hotfix is deployed, open the build.info file located in <APPIAN_HOME>/conf/. The contents of this file should match the following code sample:

build.revision=e28ab43738b285b46d2f092b60af938d1a6c3724
build.version=23.4.885.0