February 11, 2021 – Alert: Incomplete Query Results with ‘ORDER BY <row ID field> DESC’

InterSystems has corrected a defect that can cause incomplete query results. This defect affects:

• InterSystems IRIS and InterSystems IRIS for Health 2019.1.0, 2019.1.1, 2019.2, 2019.3, 2019.4, 2020.1.0, 2020.2, and 2020.3
• HealthShare Health Connect 2019.1.0, 2019.1.1, 2020.1.0
• HealthShare Products 2019.2, 2020.1 and 2020.2

(In HealthShare and HealthShare Health Connect, this defect only affects Personal Community with 64,000 patient proxies and possibly customer-built custom queries.

InterSystems has corrected a defect that may cause Windows Telnet processes that are secured using SSL/TLS to hang indefinitely; this may then cause an instance to become unresponsive. This defect is present only on Windows platforms.

This defect affects:

• Caché and Ensemble 2018.1.4
• HealthShare Health Connect (HSAP) 15.032 built on C/E 2018.1.4
• InterSystems IRIS and InterSystems IRIS for Health 2020.3

The problems caused by this defect can occur only when the instance is running Windows Telnet.

InterSystems has corrected a defect that can cause a build-up of orphaned processes consuming system resources. In extreme cases, this can cause a system to become unresponsive.

This defect affects the following versions:

• Caché and Ensemble 2018.1.4
• InterSystems IRIS and InterSystems IRIS for Health 2019.4, 2020.1, and 2020.2
• HealthShare Health Connect (HSAP) 15.032 built on Ensemble 2018.1.4
• HealthShare Health Connect 2020.1

No other InterSystems product versions are affected by this issue.  Specifically, earlier versions of Caché and Ensemble, Health Connect 2019.1 and 2019.1.

InterSystems has corrected a defect that can result in skipping a transaction rollback. This can only occur after activation or addition of a mirrored database on a primary mirror member.

This problem exists for:

• Caché and Ensemble 2018.1.3
• InterSystems IRIS data platform 2019.1.1, 2019.3, and 2019.4
• InterSystems IRIS for Health 2019.1.1, 2019.3, and 2019.4
• HealthShare Health Connect 2019.1.1

The conditions necessary for this defect to be triggered are quite specific. All of the following must apply:

• A database has been newly activated or added to a mirror on a primary mirror member.

InterSystems has corrected several critical defects that can result in data integrity issues. These defects were identified and corrected within a short time, so InterSystems has simplified the upgrade process by consolidating them into a single package. The effects of encountering these defects may not always be visible. These defects affect InterSystems IRIS, IRIS for Health, Health Connect, Caché, Ensemble, and HealthShare products. All of these defects relate to the application of journal data.

InterSystems recommends that you review this document.

InterSystems has corrected a defect in applications that use Unicode character 223 (ß). This defect can result in incomplete query results, class compilation errors, and removal of custom SQL privileges.

This problem occurs on systems that are running or have previously run on:

• Caché and Ensemble 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare Health Connect (HSAP) 15.032 on Core versions 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare Health Connect 2019.1
• InterSystems IRIS data platform – all currently released versions
• InterSystems IRIS for Health – all currently released versions

The defect is triggered by data and component names containing Unicode character 223 (ß). In the versions listed above, an uppercase conversion incorrectly maps that character to Unicode character 7838 (ẞ).  Applications perform this uppercase conversion using features such as $ZCONVERT and %SQLUPPER.

Problems can occur when accessing data or classes created or modified on a product with a different uppercase conversion than the one currently in use.

InterSystems has corrected a defect that could lead to invalid backups on Windows platforms. The defect causes upgrades to disable the EnableVSSBackup setting. By default, EnableVSSBackup is enabled (value set to 1) and the upgrade sets its value to 0. Windows VSS backups taken with this setting disabled may contain invalid CACHE.DAT files.

This problem is limited to Windows platforms on the following versions:

• Caché and Ensemble 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare Health Connect (HSAP) 15.032 on Core versions 2018.1.0, 2018.1.1, and 2018.1.2
• HealthShare 2019.1 (Unified Care Record, Patient Index, Health Insight, Personal Community, and Provider Directory) on Core version 2018.1.2
• HealthShare 2018.1 (Information Exchange, Patient Index, Health Insight, and Personal Community) on Core versions 2018.1.1 or 2018.1.0

The defect only occurs if you are upgrading to a version listed above. Once you have upgraded to an affected version, you must manually enable the setting; otherwise, it will be disabled on future upgrades, even when upgrading to versions containing the correction.

For customers using Windows VSS backups, InterSystems recommends enabling this setting on any 2018.1 instances of Caché or Ensemble. Once you have enabled the setting, future upgrades (including to affected versions) will preserve its value.

InterSystems has corrected a memory leak in applications that pass by reference to a formal parameter that accepts a variable number of arguments.

This problem exists for:

• InterSystems IRIS Data Platform – all currently released versions
• InterSystems IRIS for Health – all currently released versions
• HealthShare Health Connect 2019.1.0

If this defect occurs, the process partition will eventually be exhausted, resulting in a <STORE> error.

InterSystems has corrected a defect that impacts the use of X.509 private keys stored in Caché, Ensemble, and Health Connect, but only in 2018.1.1, on any platform.

This defect does not affect new installations of 2018.1.1, only upgrades to that version. It affects WS-Security, not SSL/TLS Configurations.

If your environment uses X.509 credentials with private keys and has been upgraded to 2018.1.1, some functions and queries that use the private keys will fail. To correct this problem, please contact the Worldwide Response Center (WRC) and request the utility developed to address the issue.

InterSystems has corrected a defect that can result in data integrity problems in environments that use InterSystems mirroring in conjunction with parallel dejournaling. This problem exists for currently released Caché and Ensemble versions beginning with 2017.2 and for InterSystems IRIS Data Platform version 2018.1.

Ensuring that you are protected from this issue

Your system is at risk only if you have a mirroring environment that supports parallel dejournaling for mirrored database catchup.

NB. Please be advised that PKI is not intended to produce certificates for secure production systems. You should make alternate arrangements to create certificates for your productions.
NB. PKI is deprecated as of IRIS 2024.1: documentation and announcement.

In this post, I am going to detail how to set up a mirror using SSL, including generating the certificates and keys via the Public Key Infrastructure built in to InterSystems IRIS Data Platform. I did a similar post in the past for Caché, so feel free to check that out here if you are not running InterSystems IRIS. Much like the original, the goal of this is to take you from new installations to a working mirror with SSL, including a primary, backup, and DR async member, along with a mirrored database. I will not go into security recommendations or restricting access to the files. This is meant to just simply get a mirror up and running. Example screenshots are taken on a 2018.1.1 version of IRIS, so yours may look slightly different.

An installation or upgrade of Caché, Ensemble, or HealthShare on Windows could fail with the titled error if a newer version of the Microsoft Visual C++ Redistributable 2013 (x86) or (x64) is installed instead of version 12.0.30501.

If you encounter this error during an installation, you can get around it by uninstalling those versions of the redistributables in the Control Panel, then manually installing both x86 and x64 older versions directly from this link This problem has been corrected in maintenance kits 2016.1.4 and 2016.2.2 and all released 2017 versions by devchange ALE2949.

I was trying to find an article today that I knew had been posted about Wireshark installations causing problems with Studio and other Caché components. If I search the community for 'Wireshark install', the article I'm looking for does not even show up. I found it eventually in the text of one of the Digest post, but this is the article:

https://community.intersystems.com/post/wireshark-installer-could-affect-studioexe-and-csystrayexe-windows

How could that possible not show up for a search for 'Wireshark install'?

NB. Please be advised that PKI is not intended to produce certificates for secure production systems. You should make alternate arrangements to create certificates for your productions.
NB. PKI is deprecated as of IRIS 2024.1: documentation and announcement.

In this post, I am going to detail how to set up a mirror using SSL, including generating the certificates and keys via the Public Key Infrastructure built in to Caché. The goal of this is to take you from new installations to a working mirror with SSL, including a primary, backup, and DR async member, along with a mirrored database.

Presenters: Pete Greskoff, Sebastian Musielak
Task: Ensure high availability of your HealthShare deployments
Approach: Discuss high-availability options and focus on HealthShare’s new support for database mirroring
 

With the new release of HealthShare, Mirroring is now support for high availability. This session will describe high availability options and focus on mirroring your HealthShare deployments.

Content related to this session, including slides, video and additional learning content can be found here.