Dear HealthShare Customer:

This post is part of the HealthShare HS2020-04 Alert communications process.

InterSystems has corrected a defect that can result in data integrity issues on systems using mirroring.

This defect affects:

• All currently released versions of InterSystems IRIS and IRIS for Health, except 2020.1
• Caché and Ensemble versions beginning with 2011.1.1
• All HealthShare products based on the above Data Platforms versions

This defect is more likely to be encountered in IRIS and IRIS for Health 2019.4. It is highly unlikely to have occurred on deployed systems running any other version.

Starting in March 2020, Microsoft plans to release a series of security updates that will cause Windows Active Directory (AD) servers to reject unencrypted simple binds. For more details on the changes to Active Directory, see Microsoft’s Security Advisory ADV190023.

Instances of all InterSystems products using LDAP with Windows AD servers for user login can be impacted if they are not already properly configured to use TLS/SSL. The impact is not limited to instances running on Windows versions.

Dear HealthShare Customer:

This post is part of the HealthShare HS2020-03 Alert communications process.  The same information is also distributed:

• By Email
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

There are 7 alerts in the HealthShare HS2020-03 Alert communication, including the previously posted "March 25, 2020 Alert: Possible Data Integrity Issues after Compaction or Defragmentation."  The summary is in the table below, and the detail is contained in the attached document: HealthShare HS2020-03.

InterSystems has corrected two defects that, in rare circumstances, can result in data integrity corruption after running global compaction, database compaction, or database defragmentation. InterSystems recommends avoiding these utilities until after applying the corrections listed below.

1. The first defect is caused by database compaction, defragmentation, or global compaction, and can result in database corruption. If you have used one of these utilities on a database, InterSystems recommends that you perform an integrity check on it. This will identify any data corruption that has occurred.

This message contains three recent HealthShare Advisories, which are available below.

These advisories are also on the InterSystems Product Alerts and Advisories page

• Advisory: Patient data is missing in the HSAA.PatientNumber table
• Advisory: The UpdatePlan for all cubes and cube groups is set to be Manual instead of BuildSynch
• Advisory: Slow DELETE query during Health Insight data ingestion

In light of the COVID-19 situation worldwide, InterSystems is working to ensure continuous support for our customers, promote the health and well-being of our employees, and protect the communities where we live and work. Please view our statement and frequently asked questions.

In addition, we have also established a special email address, COVID-19@InterSystems.com, should you have any questions or concerns.

As we have for 41 years, we stand by our commitment to customers and are prepared to support you during this challenging time.

Sincerely, 

John Paladino

Vice President, Client Services

This message contains five recent HealthShare Advisories, which are available below.

*** Update 2/11/20 2:15pm ***

*** 2017.2.1 version is NOT affected ***

InterSystems has corrected a defect that can cause the CSP Gateway to forward a response to the wrong web client. This defect is not present in the Web Gateway.

The CSP Gateway is distributed as a component of a full instance installation and also as a standalone installer. Both distributions are affected by the defect. The CSP Gateway installed with the private Apache web server for the Management Portal is also vulnerable. The affected versions of the CSP Gateway are associated with Caché or Ensemble:

• 2016.1.

InterSystems has corrected a defect that can result in skipping a transaction rollback. This can only occur after activation or addition of a mirrored database on a primary mirror member.

This problem exists for:

• Caché and Ensemble 2018.1.3
• InterSystems IRIS data platform 2019.1.1, 2019.3, and 2019.4
• InterSystems IRIS for Health 2019.1.1, 2019.3, and 2019.4
• HealthShare Health Connect 2019.1.1

The conditions necessary for this defect to be triggered are quite specific. All of the following must apply:

• A database has been newly activated or added to a mirror on a primary mirror member.

Updated 1/30/2020

*** The affected product versions have changed ***

*** The affected versions are Caché and Ensemble beginning with 2016.2.0.  ***

*** Caché and Ensemble 2016.1.0 is not at risk for this defect ***

InterSystems has corrected a defect that can cause database degradation in extremely rare circumstances. Associated problems may include, but are not limited to, incorrect or missing application data and system hangs.

This defect affects:

• All versions of InterSystems IRIS and IRIS for Health
• Caché/Ensemble versions beginning with 2016.2.

InterSystems has corrected a defect that can cause shadowing to fail with an access violation. In rare cases, the defect can cause memory corruption, leading to unpredictable behavior. 

Note: The defect does not affect mirroring.

This defect affects:

• InterSystems IRIS 2019.1.1 and 2019.3
• IRIS for Health 2019.1.1 and 2019.3
• HealthShare Health Connect 2019.1.1
• HealthShare Health Connect (HSAP) 15.032 on 2018.1.3
• Caché and Ensemble 2018.1.

InterSystems has corrected several critical defects that can result in data integrity issues. These defects were identified and corrected within a short time, so InterSystems has simplified the upgrade process by consolidating them into a single package. The effects of encountering these defects may not always be visible. These defects affect InterSystems IRIS, IRIS for Health, Health Connect, Caché, Ensemble, and HealthShare products. All of these defects relate to the application of journal data.

InterSystems recommends that you review this document.

InterSystems has corrected a defect in applications that use Unicode character 223 (ß). This defect can result in incomplete query results, class compilation errors, and removal of custom SQL privileges.

This problem occurs on systems that are running or have previously run on:

• Caché and Ensemble 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare Health Connect (HSAP) 15.032 on Core versions 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare Health Connect 2019.1
• InterSystems IRIS data platform – all currently released versions
• InterSystems IRIS for Health – all currently released versions

The defect is triggered by data and component names containing Unicode character 223 (ß). In the versions listed above, an uppercase conversion incorrectly maps that character to Unicode character 7838 (ẞ).  Applications perform this uppercase conversion using features such as $ZCONVERT and %SQLUPPER.

Problems can occur when accessing data or classes created or modified on a product with a different uppercase conversion than the one currently in use.

InterSystems has corrected a defect that could lead to invalid backups on Windows platforms. The defect causes upgrades to disable the EnableVSSBackup setting. By default, EnableVSSBackup is enabled (value set to 1) and the upgrade sets its value to 0. Windows VSS backups taken with this setting disabled may contain invalid CACHE.DAT files.

This problem is limited to Windows platforms on the following versions:

• Caché and Ensemble 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare Health Connect (HSAP) 15.032 on Core versions 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare 2019.1 (Unified Care Record, Patient Index, Health Insight, Personal Community, and Provider Directory) on Core version 2018.1.2
• HealthShare 2018.1 (Information Exchange, Patient Index, Health Insight, and Personal Community) on Core versions 2018.1.1 or 2018.1.0

The defect only occurs if you are upgrading to a version listed above. Once you have upgraded to an affected version, you must manually enable the setting; otherwise, it will be disabled on future upgrades, even when upgrading to versions containing the correction.

For customers using Windows VSS backups, InterSystems recommends enabling this setting on any 2018.1 instances of Caché or Ensemble. Once you have enabled the setting, future upgrades (including to affected versions) will preserve its value.

InterSystems has corrected a memory leak in applications that pass by reference to a formal parameter that accepts a variable number of arguments.

This problem exists for:

• InterSystems IRIS Data Platform – all currently released versions
• InterSystems IRIS for Health – all currently released versions
• HealthShare Health Connect 2019.1.0

If this defect occurs, the process partition will eventually be exhausted, resulting in a <STORE> error.

InterSystems has corrected a defect that can result in application data integrity issues following an abnormal shutdown.

This problem exists for:

• Caché and Ensemble 2018.1.2
• HealthShare Health Connect (HSAP) 15.032 on Core version 2018.1.2
• InterSystems IRIS Data Platform 2019.1
• InterSystems IRIS for Health 2019.1
• HealthShare Health Connect 2019.1

The defect breaks the journal sync guarantee that all updates in the journal buffer have been written to the journal file. The failure is silent: it does not generate an error message and there is no entry about it in any log file.

March 14, 2019 – Alert: Data Integrity Issue with Mirror Database Catchup

InterSystems has corrected a defect in our mirroring technology that can result in inconsistency between mirrored databases. This defect exists for currently released Caché and Ensemble versions beginning with 2017.2 and for InterSystems IRIS Data Platform version 2018.1.

When the issue occurs, some journal updates are not applied to a mirrored database on the backup mirror member or an async member that is being caught up.

InterSystems has corrected a defect that impacts the use of X.509 private keys stored in Caché, Ensemble, and Health Connect, but only in 2018.1.1, on any platform.

This defect does not affect new installations of 2018.1.1, only upgrades to that version. It affects WS-Security, not SSL/TLS Configurations.

If your environment uses X.509 credentials with private keys and has been upgraded to 2018.1.1, some functions and queries that use the private keys will fail. To correct this problem, please contact the Worldwide Response Center (WRC) and request the utility developed to address the issue.

InterSystems has corrected a defect that can result in data integrity problems in environments that use InterSystems mirroring in conjunction with parallel dejournaling. This problem exists for currently released Caché and Ensemble versions beginning with 2017.2 and for InterSystems IRIS Data Platform version 2018.1.

Ensuring that you are protected from this issue

Your system is at risk only if you have a mirroring environment that supports parallel dejournaling for mirrored database catchup.

October 12, 2018 – Alert: Ordering of XML Sibling Elements

InterSystems has corrected a defect that can cause a reordering of sibling elements in an XML document. This issue is limited to sibling elements that are represented in the database as objects in a relationship.

This problem exists on all platforms for the following products:

• InterSystems IRIS Data Platform 2018.1.0 and above
• InterSystems IRIS for Health 2018.1.2
• Caché and Ensemble 2017.2.0 and above
• Health Connect/HSAP based on Caché/Ensemble 2017.2.

June 25, 2018 – Alert: Outer Join Query Results

InterSystems has corrected two defects that can cause SQL outer joins to return incorrect results. These defects can also impact DeepSee in Caché and Ensemble, as well as InterSystems Business Intelligence in InterSystems IRIS; in these cases, building and synchronizing some analytic models may result in build errors.

These issues exist on all platforms for the following released InterSystems Data Platform products:

• InterSystems IRIS Data Platform 2018.1.1
• Caché and Ensemble 2017.2.0 and 2017.2.1
• HealthShare Health Connect 15.03 on Ensemble 2017.2.0.

July 27, 2017 – Alert: Linux Defects Can Corrupt Mirror Copies of Journal Files

InterSystems has encountered defects in Linux which can corrupt copies of journal files that are generated on a mirror backup or async member; this occurs only in certain specific configurations. The original mirror journal file created on the primary member is not affected.

The risk is only exposed in Caché, Ensemble, and HealthShare distributions beginning with version 2017.1.0. The risk only exists on Linux and only if a backup or async mirror member is configured to use the rtkaio library.

June 26, 2017 – Alert: Data Corruption with Mixed Endian Mirror Shadowing

InterSystems has corrected a defect that may result in corruption of Unicode data on a shadow system whose source is an async mirror member.

This defect affects all currently released Caché, Ensemble, and HealthShare distributions beginning with version 2012.2.0.  All platforms and operating systems are affected.

In order to be exposed to the risk the configuration must include mirror primary and async members, and a shadow of the async member.

November 22, 2016 – Alert: Database Integrity on UNIX^® and Linux Platforms

InterSystems has corrected a defect that may, in rare circumstances, result in database degradation on UNIX and Linux platforms.

This defect affects Caché, Ensemble, and HealthShare distributions beginning with Caché version 2012.1. It is only a possible risk on UNIX and Linux platforms that are using asynchronous I/O for database writes. The following table specifies if asynchronous I/O is always on or optional for the affected platforms and releases:

InterSystems has corrected a defect that may result in missing updates when utilizing Caché online backup.

This defect is present in all Caché and Ensemble versions 2015.1.x, 2015.2.x and 2016.1.x, and all HealthShare distributions based on those versions.  It affects all platforms and operating systems except backups of OpenVMS cluster databases.

The risk does not exist for Mirror Catchup applied to mirrored databases restored from Caché online backup.

The risk only exists when restoring from Caché online backup and applying journal files.

August 24, 2016 – Alert: Database Compaction

This is an addendum to the Alert published on October 14, 2015 – Alert: Database Defragmentation.

That alert indicated that the database defragmentation utility in 2014.1 and higher, on all platforms except OpenVMS, could cause database degradation and the correction JO2871 is available to clients upon request and would be included in future releases.  The correction was included in 2015.1.3, 2015.2.2 and 2016.1.

July 6th, 2016

InterSystems has corrected a defect with Mirroring that can impact data integrity

The defect is present in all released versions Caché, Ensemble, and HealthShare beginning with 2015.2.0. It is present for all platforms and affects both failover and asynchronous mirroring configurations.

February 25, 2016 – Alert: Incorrect SQL Results InterSystems has corrected a defect that can cause incorrect results for certain SQL INSERT, UPDATE, and DELETE statements.

This defect is present only in Caché and Ensemble 2015.2 and HealthShare distributions based on them. The problem affects all platforms.

Incorrect results occur only when two or more of these statements are nested within each other.

The example below demonstrates one possible way for this problem to happen:

1. The class has an UPDATE trigger that uses embedded SQL to modify a table.