Skip to main content

InterSystems IRIS® Change Notes (2023.1.5)

This document is meant to help you assess the impact of upgrading to the InterSystems IRIS 2023.1.5 maintenance release. It lists fixed issues and other changes since 2023.1.0, grouped by maintenance release number and category. To see a list of incompatibilities between an earlier version of InterSystems IRIS and the 2023.1.5 release, use the Upgrade Impact Checklist.

InterSystems News, Alerts, and Advisories

From time to time, InterSystems publishes items of immediate importance to users of our software. These include alerts, mission-critical issues, important updates, fixes, and release announcements. You can obtain the most current list at https://www.intersystems.com/support-learning/support/product-news-alerts/Opens in a new tab. InterSystems recommends that you check this list periodically to obtain the latest information on these issues.

Changes Introduced in 2023.1.5

Fixed Security Issues

DP-427673

CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity: Medium
CVSS Score: 6.4
Version: 2023.1.5

FIXED: For a particular page within InterSystems portal applications, an attacker may be able to craft a malicious link to execute arbitrary JavaScript.

DP-432190

CWE: CWE-613: Insufficient Session Expiration
Severity: Medium
CVSS Score: 5.6
Version: 2023.1.5

FIXED: Under certain configurations, explicit OAUTH logout may not complete, and a session would still be valid until it expired.

DP-432619

CWE: CWE-284: Improper Access Control
Severity: Medium
CVSS Score: 5.4
Version: 2023.1.5

FIXED: A user may be able to view some entries within other users’ SQL query history (only the SQL statements themselves, not the results of the queries).

Analytics

DP-433422: Fix call to delete facts in UPDATEFACTSTEMP task

Category: Analytics
Platforms: All
Version: 2023.1.5

This change ensures that calls to %SynchronizeCube in asynchronous mode correctly delete facts corresponding to deletions of source records.

Analytics - IRIS BI

DP-430279: Clean Up Temporary ID Table in %SynchronizeCube

Category: Analytics - IRIS BI
Platforms: All
Version: 2023.1.5

This corrects a failure to clean up a tempID table if a call to %SynchronizeCube uses parallel background tasks that fail for any reason.

DP-431453: Security updates for Business Intelligence dashboard

Category: Analytics - IRIS BI
Platforms: All
Version: 2023.1.5

This change improves the security of the InterSystems IRIS Business Intelligence dashboard.

DP-432093: CSPSHARE parameter removed from IRIS BI export URLs

Category: Analytics - IRIS BI
Platforms: All
Version: 2023.1.5

Previously, IRIS BI export utilities used the CPSHARE parameter to handle session cookies. To avoid unnecessary conflict with the application's "Prevent login CSRF attack" web security setting, this parameter is no longer used. Instead, the CSP architecture now automatically maintains the session.

DP-432207: Enforce pWait parameter when Resultset:%ExecuteAsynch fails to obtain a write lock

Category: Analytics - IRIS BI
Platforms: All
Version: 2023.1.5

Previously, when a %DeepSee.ResultSet:%ExecuteAsynch call with parameter pWait=1 failed to obtain a write lock on a query that was already being worked on my another ResultSet, it could ignore the pWait parameter, resulting in a faulty response. Now when a call fails to obtain a write lock, the pWait parameter is enforced and the %DeepSee.ResultSet:%ExecuteAsynch call will wait for completion until timeout.

Analytics - Reports

DP-429661: Upgrade Formatting Objects Processor from 2.4 to 2.9 for Zen Reports

Category: Analytics - Reports
Platforms: All
Version: 2023.1.5

Upgraded Formatting Objects Processor from version 2.4 to version 2.9 for Zen Reports.

DP-432529: Update PDFBox source files

Category: Analytics - Reports
Platforms: All
Version: 2023.1.5

The change updates the source files for PDFBox to version 2.0.31.

Containers

DP-422624: use machid 77/78 for dockerubuntu platforms when HSCONTAINERS build option is specified

Category: Containers
Platforms: All
Version: 2023.1.5

When the build option HSCONTAINERS is specified in the build specification, dockerbuntux64 build will use machid 77 and dockerubuntuarm64 kernel will use machid 78.

DP-432035: Upgrade to httpd 2.4.59 in WebGateway-LockedDown Docker image

Category: Containers
Platforms: All
Version: 2023.1.5

This change upgrades httpd to version 2.4.59 in the WebGateway-LockedDown Docker image.

CPF File

DP-423297: CPF: Add retry logic to mirror join

Category: CPF File
Platforms: All
Version: 2023.1.5

This change adds logic to initiate a retry and a timeout when invoking the Sys.Mirror.JoinMirrorAsFailoverMember() method. This change targets an error that that prevented the method from retrieving mirror member information.

DP-432379: Activate namespace changes before other [Actions] need them

Category: CPF File
Platforms: All
Version: 2023.1.5

Previously, [Actions] that required activation of a certain namespace could execute before that namespace was activated, causing a Namespace error. Namespace activation now takes place before the [Actions] that need them.

CSP / ZEN

DP-429338: Enable the Setting "Prevent Login CSRF Attack" by Default for New Applications and InterSystems IRIS Applications

Category: CSP / ZEN
Platforms: All
Version: 2023.1.5

DP-421886 hardens the system against session fixation attacks. For CSP applications, session sharing with CSPSHARE=1 isn't allowed anymore with "Prevent Login CSSRF attack" checked. "Prevent Login CSSRF attack" should be checked by default, according to the following rules: 

1. New CSP/ZEN apps that created by clients should have "Prevent Login CSRF Attack" enabled by default.

2. The following InterSystems IRIS applications should have "Prevent Login CSRF Attack" enabled by default:  |/ui/interop/rule-editor|Rule Editor| |/csp/broker|Common static file store| |/csp/sys |System Management Portal| |/csp/sys/exp|System Management Developer Portal| |/csp/sys/mgr|System Management Manager Portal| |/csp/sys/op|System Management Operator Portal| |/csp/sys/sec|System Management Security Portal| |/csp/documatic|Documentation class reference| |/isc/pki|InterSystems PKI Certificate Authority server|

DP-433777: Remove CSPSHARE from SQL Dialog url

Category: CSP / ZEN
Platforms: All
Version: 2023.1.5

Previously, the SQL interface in the Management Portal used the CPSHARE parameter to handle session cookies. To avoid unnecessary conflict with the application's "Prevent login CSRF attack" web security setting, this parameter is no longer used. Instead, the CSP architecture now automatically maintains the session.

CSP Server

DP-431672: Security improvements for handling OAuth2 tokens

Category: CSP Server
Platforms: All
Version: 2023.1.5

This change improves security for OAuth2 tokens.

Embedded Python

DP-421463: Fix Python shell support for i/o redirection

Category: Embedded Python
Platforms: All
Version: 2023.1.5

This change corrects support for i/o redirection when using the Python shell.

DP-430600: Fix crash when embedded Python calls SAX Parser

Category: Embedded Python
Platforms: All
Version: 2023.1.5

This change fixes a bug that caused a crash when embedded Python called methods in %XML.Reader (which uses the SAX Parser).

Interoperability

DP-431491: Prevent silent failure and orphaning during Business Processes cleanup

Category: Interoperability
Platforms: All
Version: 2023.1.5

Previously, failed attempts at deleting persistent Business Process objects would delete the Business Process, but orphan its associated Context and Thread objects. This failure would also not be reported to the caller nor recorded in the Event Log. This issue has been resolved; these types of errors are now logged and preserve the Business Process object so it can be deleted later.

DP-432126: Messaging client version upgraded to 1.2.5

Category: Interoperability
Platforms: All
Version: 2023.1.5

Messaging client version upgraded to 1.2.5

Journaling

DP-422557: Correct a rare <UNDEFINED> error in JRNROLL

Category: Journaling
Platforms: All
Version: 2023.1.5

This change corrects a rare <UNDEFINED> error in journal rollback at startup.

DP-430495: Addressed possible data integrity issues in mirroring

Category: Journaling
Platforms: All
Version: 2023.1.5

This change addressed two issues that could cause missing updates in mirror dejournaling, thus affecting data integrity.

DP-432348: Error renaming journal file no longer causes system to hang

Category: Journaling
Platforms: All
Version: 2023.1.5

Previously, an error renaming journal files could cause journal switch to fail and the system to hang in a transient condition. This has been fixed.

Kernel

DP-423072: Don't report any blocks in wdginit when the directory table is empty

Category: Kernel
Platforms: All
Version: 2023.1.5

Previously there was an issue that would cause attempts to start an instance of your InterSystems product to consistently fail during WIJ recovery, if a crash occurred very early during the instance's startup process.

Licensing

DP-432449: Cap app licenses to prevent accvio

Category: Licensing
Platforms: All
Version: 2023.1.5

Previously, app licenses could allocate a huge license table on a core-based key, causing an access violation, potentially corrupting shared memory. This change caps app licenses at 200,000 and prevents accvio.

Localization

DP-432271: correctly convert filenames on Unicode systems

Category: Localization
Platforms: All
Version: 2023.1.5

Previously, there was an issue that incorrectly raised "file not found" errors when parsing XML files on a Unicode system. This issue has been resolved.

Management Portal

DP-434292: Escape output captured by %CSP.Portal.SourceControl.IO if NewLineTranslation is set

Category: Management Portal
Platforms: All
Version: 2023.1.5

Previously, some line breaks added by %CSP.Portal.SourceControl.IO were HTML-escaped, resulting in an incorrect display of source control output in the Management Portal. This issue has been resolved.

Mirroring

DP-427027: Shutdown ECP server connection when mirror member type is changed could clear ptransindex unexpectedly.

Category: Mirroring
Platforms: All
Version: 2023.1.5

Previously, shutting down an ECP server connection when a mirror member type is changed could unexpectedly result in a <COMMAND> error that would fail to update the Config.MirrorMember data and fail the promotion. This issue has been resolved.

NLP

DP-429728: Remove UIMA components from IRIS

NOTE: This item may require a change to code, configuration, or operation.

Category: NLP
Platforms: All
Version: 2023.1.5

Following the deprecation of UIMA in 2020.1, it has been removed from the product in this release.

NLP Core

DP-431233: Upgrade Hunspell library to version 1.3.4

Category: NLP Core
Platforms: All
Version: 2023.1.5

This change upgrades the Hunspell library to version 1.3.4.

DP-433246: Remove UIMA references in InterSystems IRIS Java pom.xml file

Category: NLP Core
Platforms: All
Version: 2023.1.5

All UIMA components were removed from InterSystems IRIS in a previous release. This change removes references to UIMA from InterSystems IRIS Java pom.xml.

Object Library

DP-431935: Change JWK "kid" field to a string

Category: Object Library
Platforms: All
Version: 2023.1.5

Previously, the JWK field "kid" was incorrectly stored as a number instead of a string, which could cause third-party applications to return an error when validating data types. This issue has been resolved.

DP-431999: Improve security of OAuth2

Category: Object Library
Platforms: All
Version: 2023.1.5

This change improves the security of OAuth2.

ObjectScript

DP-432654: Correct $vectorop("-", vexpr) negation for certain values

Category: ObjectScript
Platforms: All
Version: 2023.1.5

This change corrects an issue in which $vectorop("-", vexpr) was incorrectly negating certain values.

ODBC

DP-425314: Correct SQLGetData tracking offsets when walking Unicode data

Category: ODBC
Platforms: All
Version: 2023.1.5

This change resolves an issue that caused Unicode data from being properly returned in a C datatype.

DP-432012: Upgrade unixODBC to 2.3.12

Category: ODBC
Platforms: UNIX®
Version: 2023.1.5

This change upgrades unixODBC to version 2.3.12,

Security

DP-422997: Harden security of SQL Run Query page

Category: Security
Platforms: All
Version: 2023.1.5

This change hardens the SQL Run Query page in the Management Portal.

DP-429507: No longer restrict irisusr group members when creating OCSP response file

Category: Security
Platforms: All
Version: 2023.1.5

When creating an OCSP response file, a user's umask could restrict other irisusr group members from accessing or rewriting the file (with file ownership determined by the process creating it). This change ensures that the group permissions are not masked out by a user's umask.

DP-432291: CSP URL prefix used with OAuth2 logout URL

Category: Security
Platforms: All
Version: 2023.1.5

Previously the logout URI generated by {{##class(%SYS.OAuth2.Authorization).GetLogoutEndpoint()}} would not include the CSP URL prefix. Now, if a prefix is configured for the OAuth2 client's Redirect URI, then it will be used for the logout URI too.

DP-432708: New web applications and various built-in applications have "Prevent Login CSRF Attack" enabled by default

Category: Security
Platforms: All
Version: 2023.1.5

New user-created web applications now have "Prevent Login CSRF Attack" enabled by default.

The following InterSystems IRIS applications also now have "Prevent Login CSRF Attack" enabled by default:

/csp/broker /csp/sys /csp/sys/exp /csp/sys/mgr /csp/sys/op /csp/sys/sec /csp/documatic /isc/pki /ui/interop/rule-editor

DP-432769: Define all INFORMATION.SCHEMA catalog classes as READONLY

Category: Security
Platforms: All
Version: 2023.1.5

Previously, two of the INFORMATION.SCHEMA classes used for SQL Catalog information where not defined as READONLY; these were INFORMATION.SCHEMA.CURRENTCONNECTIONS and INFORMATION.SCHEMA.STATEMENTPRIVACTIONS. This has been corrected.

DP-432970: Handle POST requests in OAuth2.Response

Category: Security
Platforms: All
Version: 2023.1.5

A previous change added logic to OAuth2.Response to handle OPTIONS requests to this endpoint separately from the expected GET request. However, it also disallowed POST requests, which are needed to support the "form_post" response mode (https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html).

This change allows processing of POST requests.

DP-432971: Modify OAuth2.Response CSRF protections for the form_post response type

Category: Security
Platforms: All
Version: 2023.1.5

This change modifies OAuth2.Response CSRF protections for the form_post response type.

SMP - System Management Portal

DP-431433: Allow Windows UNC paths in Management Portal backup pages

Category: SMP - System Management Portal
Platforms: All
Version: 2023.1.5

Previously, the Management Portal for database backups did not recognize Windows UNC paths as valid paths. This issue has been resolved.

DP-432719: Use DisplayName for source control menus

Category: SMP - System Management Portal
Platforms: All
Version: 2023.1.5

The change updates the BPL editor, the DTL editor, and other Management Portal pages to use the DisplayName value in source control menus.

DP-432792: Add HTML escaping to source control output

Category: SMP - System Management Portal
Platforms: All
Version: 2023.1.5

Previously, pages in the Management Portal that displayed source control output did perform HTML escaping. This has been corrected.

DP-433116: Properly escape values when printing a result set as CSV

Category: SMP - System Management Portal
Platforms: All
Version: 2023.1.5

Previously, when printing the results of a query in the Management Portal, values and column names that contained a double-quote character were not being escaped properly. This has been corected.

SQL

DP-421284: SQL Catalog functions for Foreign Servers and Tables

Category: SQL
Platforms: All
Version: 2023.1.5

This change introduces two new queries in %SQL.Manager.Catalog (and the corresponding INFORMATION_SCHEMA tables) for listing the foreign servers and tables in the current namespace.

The SQL Home page in the Management Portal is also minimally extended to display the additional metadata.

DP-425500: Fix condition related to external tables when retrieving information about tables for SMP

Category: SQL
Platforms: All
Version: 2023.1.5

The change resolves an issue that caused the Tables drop down menu on SQL page in the Management Portal to display a <SUBSCRIPT> error if linked tables were defined in the current namespace.

DP-430073: Fix Bug with YEAR() Transform

Category: SQL
Platforms: All
Version: 2023.1.5

An issue where the YEAR() function returned an "undefined" error has been resolved.

DP-430755: Correct error in Tune Table

Category: SQL
Platforms: All
Version: 2023.1.5

This change corrects a bug that sometimes occurred when running Tune Table.

DP-430968: Correct behavior of CASE with timestamp values

Category: SQL
Platforms: All
Version: 2023.1.5

Before this change, a query that used CASE with timestamp values could return incorrect values. This change corrects the error.

DP-431095: Fix bug in CAST() function

Category: SQL
Platforms: All
Version: 2023.1.5

This change corrects a bug in the CAST() function.

DP-431826: Fix canonical expressions of aggregates on user defined functions

Category: SQL
Platforms: All
Version: 2023.1.5

Previously, in rare cases, two user-defined aggregate functions with different arguments could be incorrectly interpreted as the same function, causing them to return the same results. This issue has been resolved.

DP-432705: Fix code generation for %ODBCOUT

Category: SQL
Platforms: All
Version: 2023.1.5

Before this change, it was possible to get an <UNDEFINED> error when using the %ODBCOUT() function in a WHERE clause.

DP-433248: TT: correct error msg if sample size = 0

Category: SQL
Platforms: All
Version: 2023.1.5

This change alters the error message raised when issuing a TUNE TABLE command with a sample size of 0. The new error message reads: "Failed to get sample of data from the table ".

DP-433460: Correct the checking for window functions

Category: SQL
Platforms: All
Version: 2023.1.5

This change resolves an <UNDEFINED> error that arose when using window functions.

DP-433946: resolve column number issue in SQL Shell interface

Category: SQL
Platforms: All
Version: 2023.1.5

This change resolves an issue in code generated for queries that specified more than 128 columns in the SQL Shell interface.

DP-434300: SQL DDL: Correct locking for BUILD INDEX statement

Category: SQL
Platforms: All
Version: 2023.1.5

This change ensures that a BUILD INDEX statement successfully acquires an extent-level lock during a build.

DP-434443: Correctly collect query parameter when combining range conditions

Category: SQL
Platforms: All
Version: 2023.1.5

This change corrects an issue with combining range conditions (such as using < and > in a single condition instead of using BETWEEN) in SQL queries.

System

DP-429723: Fix URI Conversion for Non-Latin-1 Locales

Category: System
Platforms: All
Version: 2023.1.5

%Net.HttpRequest was encoding some characters incorrectly in 8-bit instances with locales that do not use Latin-1 character encoding.

DP-431760: Prevent CURWDQBLKS from reporting a negative value

Category: System
Platforms: All
Version: 2023.1.5

Perviously, in very rare circumstances, the CURWDQBLKS field in irisstat could report a negative value. This issue has been resolved.

DP-432506: Fix instance variable handling in $isvector

Category: System
Platforms: All
Version: 2023.1.5

Previously, the implementation of $isvector() in vector.cpp did not handle the case of instance variables or properly pop instance variables off of the argstack, leading to corruption of the argstack. This has been fixed.

VS Code

DP-431386: Fix <MAXSTRING> errors when using the Atelier search API

Category: VS Code
Platforms: All
Version: 2023.1.5

Previously, searching inside a very large number of files with the vscode-objectscript extension (or anything else that used the Atelier API) could return a <MAXTSRING> error. This issue has been resolved.

Web

DP-430623: Update Apache httpd to 2.4.58

Category: Web
Platforms: All
Version: 2023.1.5

This change updates the httpd files for Apache version 2.4.58.

Web Gateway

DP-432472: Disable mod_deflate when response uses chunked transfer encoding

Category: Web Gateway
Platforms: All
Version: 2023.1.5

Previously, if Chunked Transfer Encoding was enabled at the Web Gateway level and if the Apache mod_deflate output filter was enabled for the same resources, the resources failed to load so browsers were unable to display the response content. Now mod_deflate is disabled when the response uses Chunked Transfer Encoding, so resources load properly and response content can be displayed.

Web Services

DP-433047: Do not disable I/O redirection in SOAP log

Category: Web Services
Platforms: All
Version: 2023.1.5

Previously, SOAP logging logic explictly disabled I/O redirection, which could cause an issue if SOAP logic was called in a context where I/O redirection is turned on. This could cause issues with a REST service invoking a SOAP client; clearing I/O redirection would either cause the headers to be omitted or for the response to be truncated (depending on the size of the response). The SOAP logging logic has been corrected not to modify the redirection status of the current device.

Work Queue Manager

DP-430802: Correct problem with nested WQM groups

Category: Work Queue Manager
Platforms: All
Version: 2023.1.5

Before this change, when there is a task scheduled by the Work Queue Manager (WQM), and that task schedules a WQM group, the new group was not assigned any workers and thus could potentially wait indefinitely.

This change corrects the problem.

DP-434279: Fix freeing of message space in shared memory heap

Category: Work Queue Manager
Platforms: All
Version: 2023.1.5

Previously, when the length of an event message sent by the Event Signal was greater than 64 KB and was subsequently freed, multiple pages in the shared memory heap could be lost. This issue has been resolved.

Changes Introduced in 2023.1.4

Fixed Security Issues

DP-422836

CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity: Medium
CVSS Score: 6.4
Version: 2023.1.4

FIXED: A cross-site scripting issue in particular management portal pages has been corrected.

CPF File

DP-429759: Fix CPF conversion of [Gateways] section

Category: CPF File
Platforms: All
Version: 2023.1.4

This change corrects the conversion of the [Gateways] section of the CPF when upgrading to a release with this change.

CSP / ZEN

DP-428566: Allow CSPCHD for all CSP sessions created by CreateTemplateSession^%SYS.cspServer2()

Category: CSP / ZEN
Platforms: All
Version: 2023.1.4

This change resolves an issue that arose in Studio when loading the BPL/DTL editors when "Prevent login CSRF attack" is enabled.

Global Module

DP-429086: Fix system hangs on failure writing to IRISTEMP (especially due to ENOSPC)

Category: Global Module
Platforms: AIX
Version: 2023.1.4

This change fixes two errors in the error handling logic for asynchronous I/O database writes that could lead to a system hang when writing errors to IRISTEMP. The issue most commonly occurred when running out of space in a filesystem for IRISTEMP on UNIX or Linux systems; it was rare to encounter the error on a Windows system.

The first error had previously caused the write daemon failed to release ownership of the globals resource, leading to a system hang.

The second error caused extreme slowness due to the write daemon taking too long to retry writing and being unable to keep pace with the system.

Interoperability

DP-423490: Ensure Interoperability SAM temporary data reset before each update

Category: Interoperability
Platforms: All
Version: 2023.1.4

This change fixes an issue that caused interoperability metrics gathered for iris_interop could contain stale data for sensors that changed label values. This error has been resolved.

Kernel

DP-417459: Fix unit tests that Merge object code from $Compile() to rOBJ

Category: Kernel
Platforms: All
Version: 2023.1.4

This change removes support for compiling code with $compile and then merging it into ^rOBJ, as in the following example: set rc=$compile(src,0,errs,obj) merge ^rOBJ("routinename")=obj(1)

Instead, the proper way to use $compile is to have it manually compile and name the code as follows: set rc=$compile(src,0,errs,,,,"routinename")

Object Compiler

DP-420258: Resolve ##super in right most inheritance class correctly

Category: Object Compiler
Platforms: All
Version: 2023.1.4

This change ensures that class inheritance rules do not result in errors when attempting to call a inherited method from a super class.

DP-423499: CLASS COMPILER: Correct multi-property unique index with delimited identifier

Category: Object Compiler
Platforms: All
Version: 2023.1.4

Previously, a class would fail to compile if it included a unique index that had one or more properties that were delimited identifiers. This issue has been corrected.

Object Library

DP-429162: Fix regression in XML generation

Category: Object Library
Platforms: All
Version: 2023.1.4

A previous release introduced a change corrected XML generation when one class extends another class from a separate XML namespace when ELEMENTQUALIFIED=0. However, this change also caused the system to use the wrong namespace when ELEMENTQUALIFIED=1. This issue has been corrected.

ObjectScript

DP-424747: Fix linux thread per core counting for ppc/arm/amd64

Category: ObjectScript
Platforms: All
Version: 2023.1.4

Previously, there was an issues that caused an undercount of threads per core on Linux systems, as reported by $SYSTEM.CPU.Dump(). This affected Intel, AMD, ARM, and PowerPC processors. The issue is now resolved.

DP-428798: Fixed copy file errors on Unix systems

NOTE: This item may require a change to code, configuration, or operation.

Category: ObjectScript
Platforms: UNIX®
Version: 2023.1.4

This change fixes an issues that resulted in a failed copy (using the Library.File.CopyFile() method) on Unix systems when the destination does not exist.

It also adjusts the return codes for multiple failure cases when using Library.File.CopyFile().

Security

DP-422898: Harden security of DeepSee portal

Category: Security
Platforms: All
Version: 2023.1.4

This change hardens the security of the DeepSee portal.

DP-423813: Multiple Reflected XSS in Web Gateway Management page

Category: Security
Platforms: All
Version: 2023.1.4

There are multiple reflected XSS in Web Gateway Management page. * http://localhost:52773/csp/bin/RunTime/Module.cxw?CSPTKN=&{color:#de350b}CSPSYSesc=vbscript%3amsgbox(92410613)yajxij&CSPdef{color}=Default_Server&CSPSYSsmform=1&CSPLPN=LOCAL&SUBMIT=Connect * http://localhost:52773/cspe{color:#de350b}8yme%22%3e%3cscript%3ealert(1)%3c/script%3eypn8mex2jkb{color}/bin/RunTime/Module.cxw * http://localhost:52773/{color:#de350b}c4lfr%22%3e%3cscript%3ealert(1)%3c/script%3eo0n86bks465{color}/bin/RunTime/Module.cxw * http://localhost:52773/csp/{color:#de350b}binegpmz%22%3e%3cscript%3ealert(1)%3c/script%3erkvylec97yt{color}/RunTime/Module.cxw * http://localhost:52773/csp/{color:#de350b}ibt5x%22%3e%3cscript%3ealert(1)%3c/script%3eedjd4xbeeph{color}/RunTime/Module.cxw

For more details, see attached document.

DP-427923: Censor passwords in ISCSOAP log

Category: Security
Platforms: All
Version: 2023.1.4

This change ensures that SOAP clients that pass HTTP Basic credentials, which is not accepted by default, do not include the associated username and password in the Authorization header in the ISCSOAP log.

DP-429423: Pass Null domain correctly into %SYS.LDAP:Binds()

Category: Security
Platforms: All
Version: 2023.1.4

This change fixes an issues with LDAP authentication from a Windows system to an Active Directory server, when the LDAP host names field is set to a domain (such as sampledomain.com), rather than a specific domain controller (such as activedirectoryserver.sampledomain.com), resulting in an invalid credentials error. The issue has been resolved.

DP-430237: Handle OPTIONS Requests in OAuth2 Client Pages

Category: Security
Platforms: All
Version: 2023.1.4

This change modifies the OAuth2 Client pages OAuth2.Response and OAuth2.PostLogoutRedirect to properly handle OPTIONS requests.

Previously, an OPTIONS request was treated the same as a GET request and could result in changes in the server's state (for instance, exchanging the authorization code for an access token or initiating a user logout), which would invalidate a subsequent call.

Sharding

DP-428801: Enable creating federated table from child table

Category: Sharding
Platforms: All
Version: 2023.1.4

This change resolves an issue that arose when attempting to create a federated table, specifying as the source table a table that was the child in a parent/child relationship.

SQL

DP-425038: SQL DDL: Correct DDL code generation for CTAS with multiple WITH clause items

Category: SQL
Platforms: All
Version: 2023.1.4

Previously, there was an issue with CREATE TABLE ... AS SELECT ... statements that specified both a STORAGETYPE and at least one class parameter that prevented the class from being defined with the specified STORAGETYPE. This issue has been resolved.

DP-426860: Parse null and empty string in the "SET:LIST" correctly

Category: SQL
Platforms: All
Version: 2023.1.4

When using the %INLIST predicate in a SQL query, null is represented as no value in a call to $LISTBUILD, while an empty string is represented as '' in a call to $LISTBUILD. Note that specifying NULL in a comparison is meaningless (that is, NULL=NULL is false) and you should use IS NULL to identify elements of a list that are NULL.

DP-427176: Check for no NULL in NOT %INLIST

Category: SQL
Platforms: All
Version: 2023.1.4

This change add a check to ensure that the $LIST passed into %INLIST does not contain NULL.

DP-428081: Batch update SQL lightweight statistics to reduce journal traffic

Category: SQL
Platforms: All
Version: 2023.1.4

This change reduces journal traffic when updating the lighter weight SQL statistics in the Statement Index to improve the performance of SQL queries.

DP-428159: Make columnar field with unlimited max len use ROW storage by default

Category: SQL
Platforms: All
Version: 2023.1.4

This change corrects an issue that prevented a reversion to row storage from columnar storage when a string was longer than 12 characters.

DP-428319: Check if this set exists for NOT %INLIST $LISTBUILD(NULL)

Category: SQL
Platforms: All
Version: 2023.1.4

This change adds a check to make sure the set exists when executing a query with NOT %INLIST $LISTBUILD(NULL).

DP-428341: Improve NLS collation mismatch logging

Category: SQL
Platforms: All
Version: 2023.1.4

With this change, messages about NLS collation mismatch are no longer logged in messages.log for system tables.

Additioannly, this change lists the globals and offending collations in Show Plan warning messages.

DP-428482: Parse null and empty string in the "SET:LIST" correctly (replace YCL257)

Category: SQL
Platforms: All
Version: 2023.1.4

When $listbuild is used to build a list in SQL, then $listbuild(NULL) results in $lb("") and $listbuild() results in $lb(), and in each, the first element of the lists are both SQL the SQL null value.

DP-428578: Make timestamps compatible with string in SQL CASE statement

Category: SQL
Platforms: All
Version: 2023.1.4

This change makes timestamps (that are of type %TimeStamp) and string data compatible when used in a CASE statement. However, note that %PosixTime is still incompatible with string data.

DP-429087: Process cross-type IN conditions

Category: SQL
Platforms: All
Version: 2023.1.4

This change corrects an issues with IN conditions that arose when comparing different entities with different datetime datatypes (for example, a %PosixTime and a %TimeStamp). If there is a %PosixTime, then any %Date/%TimeStamp is converted to %PosixTime. Otherwise, the entered datetimes are converted to %TimeStamp.

DP-429101: Fix <UNDEFINED> err when generating error for posixtime in CASE statement

Category: SQL
Platforms: All
Version: 2023.1.4

Previously, when generating an error for a CASE statement that attempts to match %PosixTime with a VARCHAR, the system would throw a <UNDEFINED> error. This issue has been resolved.

DP-429343: Improve performance of YEAR() queries

Category: SQL
Platforms: All
Version: 2023.1.4

This change improves the performance of queries with conditions on YEAR().

DP-429656: Don't calculate selectivity for %Library.DynamicObject columns and reduce maxBucketValLength

Category: SQL
Platforms: All
Version: 2023.1.4

The change removes the calculation for selectivity for fields that are of type %Library.DynamicObject, as these fields are likely to be unique and so have little value to the Tune Table command.

DP-429702: SQL: Refresh SQL Run Time Extent table timestamp when tune table metadata manually changed

Category: SQL
Platforms: All
Version: 2023.1.4

Previously, when individual Tune Table statistics were updated through the Management Portal or the $SYSTEM.SQL.Stats.Table methods the extent metadata's timestamp was not updated, causing the process to use stae metadata and could lead to the use of a suboptimal query plan. This issue has now been resolved.

DP-430082: SQL: Correct frozen plan <PROPERTY DOES NOT EXIST> issue

Category: SQL
Platforms: All
Version: 2023.1.4

Previously, there was an issue that caused a query that used %ROWLIMIT and %ROWOFFSET while attempting to use a frozen plan to fail at execution time with a <PROPERTY DOES NOT EXIST> error. The issue has been resolved.

DP-430793: Correct error in NOT %INLIST

Category: SQL
Platforms: All
Version: 2023.1.4

Before this change, some queries that use NOT %INLIST would not return any rows. This change corrects the problem.

System

DP-424613: Make sure database is not mounted when creating a database

Category: System
Platforms: All
Version: 2023.1.4

This change ensures that a new database cannot be created using the same directory as another database that is currently mounted.

DP-428728: Give error if indirection object code is too large

Category: System
Platforms: All
Version: 2023.1.4

This change resolves an issue that caused a memory access error and process termination when compiling a very long indirection string.

DP-429384: Fix JO3188 to emit the proper monitor message "Updates suspended due to low free space in the WIJ"

Category: System
Platforms: All
Version: 2023.1.4

With this change, the system returns a new error message when the threshold for suspending a batch job was reached. Previously, the message was "Updates may become suspended due to low available buffers". This has been changed to "Updates suspended due to low free space in the WIJ".

Web Gateway

DP-428809: Fix url redirection in web gateway management page

Category: Web Gateway
Platforms: All
Version: 2023.1.4

This change fixes a URL redirection issue in the Web Gateway Management page and now requires the CSPSYSesc parameter to accept only relative URLs.

DP-429936: Don't log cleanup of ^IRIS.TempNodes for CSP login failure

Category: Web Gateway
Platforms: All
Version: 2023.1.4

This change ensures that failed authentications for a CSP Server process do not set up temporary nodes, which are cleaned up once the process is halted, that are used by the process. These nodes are now set up once an authentication is successful.

Changes Introduced in 2023.1.3

Fixed Security Issues

DP-426819

CWE: CWE-384: Session Fixation
Severity: Medium
CVSS Score: 6.3
Version: 2023.1.3

FIXED: An attacker may be able to get a user to use a web application session that attacker could then control.

DP-427073

CWE: CWE-271: Privilege Dropping / Lowering Errors
Severity: Medium
CVSS Score: 6.7
Version: 2023.1.3

FIXED: A user with privilege to execute or load code may be able to run that code with %All privilege.

DP-427079

CWE: CWE-250: Execution with Unnecessary Privileges
Severity: Medium
CVSS Score: 6.7
Version: 2023.1.3

FIXED: Users who are able to write or load code may be able to run that code with %All privilege.

DP-427080

CWE: CWE-284: Improper Access Control
Severity: Medium
CVSS Score: 6.7
Version: 2023.1.3

FIXED: A user with developer privilege may be able to execute code with higher levels of privilege.

DP-427082

CWE: CWE-20: Improper Input Validation
Severity: Medium
CVSS Score: 6.7
Version: 2023.1.3

FIXED: A user with developer access may be able to execute code with %All privilege.

DP-427085

CWE: CWE-20: Improper Input Validation
Severity: Medium
CVSS Score: 6.7
Version: 2023.1.3

FIXED: A user with development privilege may be able to execute code that runs with %All privilege.

Analytics

DP-419767: Track cube update time when DSTIME is not being tracked by the cube's source class

Category: Analytics
Platforms: All
Version: 2023.1.3

This change ensures that timestamps are updated independent of the DSTIME setting in the source class of a cube, correcting some handling of cache invalidation in cubes based on classes that did not support DSTIME.

DP-422061: Prevent unwanted decimal places from being rendered in Excel export

Category: Analytics
Platforms: All
Version: 2023.1.3

This change fixes two formatting regressions. In the first correction, when the format string is not specified, the default format used for integers is #,#. In the second correction, when the format string is set to '#', the expression rendered does not contain numbers after the decimal point.

DP-422207: Avoid UNDEFINED in BI catalog queries when measure has no alias

Category: Analytics
Platforms: All
Version: 2023.1.3

Previously, under rare circumstances, a Fact table column for a measurement with no alias could result in an UNDEFINED error. This issue has been resolved.

DP-422208: Skip iKnow measures in BI catalog queries

Category: Analytics
Platforms: All
Version: 2023.1.3

iKnow measures are now ignored in BI catalog queries returning specific columns, because they do not have a corresponding column in the Fact table.

DP-426923: Reset status if %UpdateFactsTemp returns an error in %ExecuteTask

Category: Analytics
Platforms: All
Version: 2023.1.3

This change allows some errors in the build of a cube based on non-integer ID source tables to be logged as a errors, without causing an exception in the build itself.

Business Intelligence

DP-420247: Always call $$EvaluateBucket in %Intersect when key search is complete

Category: Business Intelligence
Platforms: All
Version: 2023.1.3

Previously, calls to %Intersect with %OR-keys could fail to identify existence or results if the final key in the %OR-key did not contain data in the same cache bucket for which earlier keys had already identified results. This change ensures that the system checks any results collected by the individual keys contributing to the %OR statement before returning from the existence check.

DP-423547: Build all dependsOn indices that members of a Selective Build fact list are participating in

Category: Business Intelligence
Platforms: All
Version: 2023.1.3

This change ensures that a Selective Build builds the indexes for a level's Depends On relationships.

DP-426867: Fix check for reusable joinindex entry in %CreateJoinIndex

Category: Business Intelligence
Platforms: All
Version: 2023.1.3

This change corrects an issue that occassionally would prevent the system from recalculating a join index after synchronizing data.

Connectivity

DP-424169: Thread locking for irisconnect

Category: Connectivity
Platforms: All
Version: 2023.1.3

This change corrects an error that caused incorrect locking in irisconnect. This error only affects versions of OpenSSL prior to 1.1 (for example, 1.0.2).

DP-424367: When remove mirror DB in DR member, it needs to send 'PurgeAll' to application server

Category: Connectivity
Platforms: All
Version: 2023.1.3

This change ensures that a non-primary member that has been removed sends a 'PurgeAll' message to the application server for proper cleanup.

DP-426078: Report error if merging a section which is invalid

Category: Connectivity
Platforms: All
Version: 2023.1.3

This change ensures that an error is reported in the to the messages.log file if a merged CPF contains a faulty section title (such as [Action], rather than [Actions]).

CPF File

DP-422731: Retry interrupted i/o for CopyFile

Category: CPF File
Platforms: All
Version: 2023.1.3

Previously, attempting to copy with the CopyFile() method from the %File class could fail with an error if an internal interrupt is received during the copy. The system not handles the interrupt and continues the copy operation.

CSP / ZEN

DP-423252: fix check for CSPCHD URL token

Category: CSP / ZEN
Platforms: All
Version: 2023.1.3

This change corrects logic that checked whether a CSP session ID can be passed in the URL of a CSPCHD token.

DP-423647: Process CORS request when handling requests with JWT Tokens

Category: CSP / ZEN
Platforms: All
Version: 2023.1.3

This change ensures that any request that handles JWT tokens also correctly process CORS requests, when applicable.

DP-425916: If recurse is disabled for REST web-application then requests with "/" in them return 404

Category: CSP / ZEN
Platforms: All
Version: 2023.1.3

This change ensure that the recurse option for CSP/Zen Web Applications - which determines if pages in subdirectories of the physical path can be accessed via the Web Application - cannot be accidentally set when creating a REST application, as was previously possible. The result of this caused requests with a "/" in them to return a 404 error.

DP-427903: Fix regression in %ZEN.Controller error handler

Category: CSP / ZEN
Platforms: All
Version: 2023.1.3

This change fixes an issue that could result in an error in the InvokeInstanceMethod() method of the %ZEN.Controller class.

CSP Server

DP-427262: Fix undefined error checking CSPBrowserId cookie

Category: CSP Server
Platforms: All
Version: 2023.1.3

This change fixes an issue that could result in an <UNDEFINED> error when checking the CSPBrowserId cookie.

Installation

DP-426599: Macro for %Installer.Role.Resources changed to evaluate variables

Category: Installation
Platforms: All
Version: 2023.1.3

This change allows the use of variable replacement in the Resources property for a role created using %Installer.Role.

Integration

DP-419037: Add logout and refresh callbacks to better support OAuth2 Delegated authentication

Category: Integration
Platforms: All
Version: 2023.1.3

This change adds two new callbacks to the OAUTH2 Server customization classes to provide more robust support for delegated authentication with a remote authorization server.

The new methods are:

1) OnLogoutAccessToken() in the %OAuth2.Server.Revoke classs 2) OnRefreshAccessToken() in the %OAuth2.Server.Generate class

Interoperability

DP-421322: Adapters to Support quoted ContentType Charset in received HTTP requests

Category: Interoperability
Platforms: All
Version: 2023.1.3

This change enables adapters to support quotes surrounding a characterset instruction.

DP-421781: Improve performance of exporting interoperability productions when there are many routing rules and FunctionSet classes

Category: Interoperability
Platforms: All
Version: 2023.1.3

This change improves the performance of the expandProjectArrayAuxiliary method in the Ens.Config class, which results in an improvement in exporting interoperability productions that use many routing rules and FunctionSet classes.

DP-424695: Correct SQL.InboundAdapter disconnect error when StayConnected to 0 and ProcOperation brace detection

Category: Interoperability
Platforms: All
Version: 2023.1.3

Previously, when using JDBC, the EnsLib.SQL.InboundAdapter could throw an <INVALID OREF> when disconnecting with StayConnected value of 0 when destroying the temporary result set. This issue has been resolved.

Additionally, the EnsLib.SQL.Operation.ProcOperation now accepts by default a user-entered procedure statement wrapped in curly braces ({}) without attempting to prepend "call=".

DP-425062: Provide public API for X12 validation and batch splitting

Category: Interoperability
Platforms: All
Version: 2023.1.3

This change creates a public API for validating X12 batches and documents, generating replies to an X12 batch, and splitting a batch into new batches.

This functionality is provided in two classes: EnsLib.EDI.X12.Util.Validator and Ens.X12.FunctionSet.

In the EnsLib.EDI.X12.Util.Validator, use the PerformSNIPValidation, Validate, SplitBatch, SplitGroup, and ConstructBatchReply methods to use this functionality.

In the Ens.X12.FunctionSet, use the X12ValidateDocument, X12BatchErrors, X12BatchSuccesses, and X12BatchReply methods to use this functionality.

DP-425990: [Interoperability] Change hashing algorithm for message export and local file deployment utilities (JGM1147)

Category: Interoperability
Platforms: All
Version: 2023.1.3

This change ensures that all Interoperability Deploy Production Changes and background message export systems use the SHA3 algorithm for hash comparisons.

DP-426490: Honor Business Operation use of overridden OnFailureTimeout setting of ..Retry to 1

NOTE: This item may require a change to code, configuration, or operation.

Category: Interoperability
Platforms: All
Version: 2023.1.3

If custom Business Operations implemented OnFailureTimeout and that method sets ..Retry to 1, then the operation will not continue to retry beyond the FailureTimeout value.

Journaling

DP-424382: fix invalid handling of process journal state

Category: Journaling
Platforms: All
Version: 2023.1.3

This change resolved an issue where passing true or false inputs other than 1 or 0 for journal state to the CompileAll(), CompileAllNamespaces(), or CompileSelected() methos of %Library.Routine could result in instance hangs.

Kernel

DP-422094: Setup fast instance variables for error trap

Category: Kernel
Platforms: All
Version: 2023.1.3

Previously, when an error was caught while executing an SQL query and execution popped up to a higher error trap within a routine, there could be an attempt to set up the fast instance variables before the appropriate table exists, resulting in an access violation. This issue has been resolved.

Lock

DP-426000: Avoid unlocking parent nodes getting LOCKR_NO_OP returned unexpectedly.

Category: Lock
Platforms: All
Version: 2023.1.3

This change prevents internal mechanisms from sending flags that result in returning LOCKR_NO_OP unexpectedly.

DP-427575: Fix lock waiter could miss a wake up call.

Category: Lock
Platforms: All
Version: 2023.1.3

This change fixes the lock waiting mechanism, which could previous receive the wrong lock status and incorrectly assess the lock as still in a waiting state.

Mirroring

DP-426727: Notify all mirror members when partner is demoted to async member.

Category: Mirroring
Platforms: All
Version: 2023.1.3

This change notifies all mirror members when a partner is demoted to an async member.

Monitoring

DP-421489: Fix iris_phys_mem_percent_used in monitor API

Category: Monitoring
Platforms: All
Version: 2023.1.3

This change corrects the calculation of the physical memory usage in the DashboardSensors class in the SAM monitoring API.

Object - .NET Binding

DP-426930: Correct SQLType 241 (cppbinding only) processing of decimal string values

Category: Object - .NET Binding
Platforms: All
Version: 2023.1.3

This change ensures that the cppbinding implementation of SQLType 241 returns correct string parsing, which had previously caused applications to lose precision after the decimal point.

Object Compiler

DP-427279: Suspend error counting when finding superclasses and a superclass is not defined

Category: Object Compiler
Platforms: All
Version: 2023.1.3

This change suspends error counting when searching for superclasses so that if a superclass is not defined, it is not counted as an error.

Object Library

DP-427202: Don't search strings that aren't in the class text

Category: Object Library
Platforms: All
Version: 2023.1.3

Previously, using the Find in Files tool in Studio would match against the names and values of some UDL keywords (such as "Description", "Super", and "TimeCreated") that did not appear in the class text. This issue has been resolved.

Security

DP-426920: SMP: properly escape username

Category: Security
Platforms: All
Version: 2023.1.3

This change properly escapes the $username value displayed in the Management Portal and the Analytics UserPortal.

Sharding

DP-426077: Resource cleanup daemon kill previous data when recycling sharding tempfiles

Category: Sharding
Platforms: All
Version: 2023.1.3

This change resolves an issue that cause the resource cleanup damon to sometimes recycle orphaned sharding temporary files while they still contained data from a previous sharded query. This issue caused incorect results in subsequent queries that allocated these tempfiles, due to wrongly interpreting the stale data as part of the new query's result. The issue has been resolved.

SQL

DP-419585: Check for collation mismatch

Category: SQL
Platforms: All
Version: 2023.1.3

Previously, a collation mismatch between internal globals could force queries to return incorrect results. If there is a mismatch between collations, the system will log a warning in message.log when a query is first compiled.

DP-422058: SQL: statements with SET:SETOF return correct %ROWCOUNT

Category: SQL
Platforms: All
Version: 2023.1.3

A problem has been corrected where a query like:

select ID, UnitsSold from HoleFoods.SalesTransaction where id = 3 or id = 4 or id = 10

or a statement like:

update HoleFoods.SalesTransaction set UnitsSold = 10 where id = 3 or id = 4 or id = 10

would return the wrong %ROWCOUNT value if more than 1 row was updated.

DP-424779: Correctly cost range conditions on higher level index map subscripts

Category: SQL
Platforms: All
Version: 2023.1.3

This change implements some minor query optimizations that apply when range conditions are present.

DP-425405: Add DISTINCT to the correlated non-rowid fields of streamed EXISTS view

Category: SQL
Platforms: All
Version: 2023.1.3

Previously, in queries that used an EXISTS subquery, extra rows would incorrectly be returned if a correlated field contained the same values in the subquery. This change corrects this behavior by adding the DISTINCT keyword in such queries to all correlated, non-RowID fields.

DP-425628: Do not cancel looping for inherited index

Category: SQL
Platforms: All
Version: 2023.1.3

Previously, there was an issue that caused no rows to be returned when a query relied on an index inherited from the parent class. This issue has been resolved.

DP-425964: Update the logic that computes the row threshold for switching to use PPGs for hybrid temp-files

Category: SQL
Platforms: All
Version: 2023.1.3

Previously, the system overestimated the row threshold for switching to use PPGs for hybrid temporary files, causing SQL processing using too much memory in some cases when hybrid temp-files are used. The logic used to calculate this threshold has been updated to avoid the processing.

DP-426135: Fix an issue of some embedded parallel queries that caused %ROWCOUNT to be undefined

Category: SQL
Platforms: All
Version: 2023.1.3

This change fixes an issue that caused some parallel queries written in Embedded SQL that caused %ROWCOUNT to be undefined.

DP-426362: Fix wrong result issues for some parallelized queries that has JOIN between two columnar tables and are partitioned on sets

Category: SQL
Platforms: All
Version: 2023.1.3

This changes fixes an issue that caused wrong results for some parallelized queries that have JOIN between two columnar tables and are partitioned on sets.

DP-426524: Fix a wrong result issue for some parallelized queries on columnar tables

Category: SQL
Platforms: All
Version: 2023.1.3

This changes fixes a wrong results issue that arose when running parallelized queries on columnar tables with bitmap indexes. This change affects the Show Plan for affected queries.

DP-427066: When estimating temp-file sizes, use 255 as the default field length when both average field length and max field length are missing on mts

Category: SQL
Platforms: All
Version: 2023.1.3

With this change, the SQL compiler now uses 255 as the default field length to estimate the temp-file size when both average field length and max field length have not been specified

DP-427151: Disable parallelization and add warning when process-level collation does not match collation of globals

Category: SQL
Platforms: All
Version: 2023.1.3

With this change, when the process-level NLS collation does not match the NLS collation of all globals involved in query processing, the system disables parallelization at compile time and adds a warning in the Show Plan for SQL queries.

DP-427220: Fix an issue that the auto-parallel logic sometimes over-estimates the workload of a query block

Category: SQL
Platforms: All
Version: 2023.1.3

This change fixes an issue that caused AutoParallel logic to overestimate the workload of a query block, triggering parallel execution when it was not needed. Note that this change may affect the AutoParallel decision on some query blocks, causing them to no longer be executed in parallel.

DP-427444: Correctly remove sorting in worker processes for multi-field GROUP BY queries

Category: SQL
Platforms: All
Version: 2023.1.3

This change improves query plans for queries that have a multi-field GROUP BY clause by removing sorting in worker processes.

DP-427728: Use a single subscript in a temp file for a field which is referenced multiple times

Category: SQL
Platforms: All
Version: 2023.1.3

In queries that use the same field multiple times in a join condition, it has previously been possible for the system to raise a runtime subscript error. This issue has been resolved.

System

DP-423100: fix lookup of right link bdb in irisstat -b64

Category: System
Platforms: All
Version: 2023.1.3

This change increases the efficiency of the irisstat -b64 option.

DP-424552: Fix access violation in Merge with large integer subscript

Category: System
Platforms: All
Version: 2023.1.3

This change fixes an issue where merging an integer array with a subscript of 2147483647 could cause a process to terminate.

DP-424637: Speed up calculation of DataMove journal MB to apply

Category: System
Platforms: All
Version: 2023.1.3

This change improves the efficiency of the calculation DataMove uses to determine how much journal data is left.

DP-426214: support web server url prefix usage pre-2023.2

Category: System
Platforms: All
Version: 2023.1.3

The change ensures that all URLs generated by InterSystems IRIS will include the configured WebServerURLPrefix, even if WebServerName is not set.

DP-427829: Fix DataMove MB copied/Min change code

Category: System
Platforms: All
Version: 2023.1.3

This change fixes an issue which dismounted and deleted the DataMove work database when the MBCopied, MaxMBPerMin, or MaxMBCheckPerMin properties were edited while DataMove was active.

Tools

DP-420072: UDL export and import will honor the selectivity=0 qualifiers

Category: Tools
Platforms: All
Version: 2023.1.3

Previously, the qualifiers /exportselectivity=0 and /importselectivity=0 were ignored for UDL export and import. This change ensures that these options are used when specified.

Web Gateway

DP-426915: Fix Web Gateway typecast typos

Category: Web Gateway
Platforms: All
Version: 2023.1.3

This change alters code that had returned an incompatible pointer type warning to Web Gateway builds, specifically for arrays declared as "char*" that should have been been "char". The issue has been resolved.

Web Services

DP-427288: Add SOAPWizard SuppressNamespace and OutputTypeAttribute options

Category: Web Services
Platforms: All
Version: 2023.1.3

This change adds two options to the SOAP Wizard. The first allows you to suppress the namespace from being used in the serialization of a message body. The second allows you to disable OutputAttributeTypes. These additions are useful for generating SOAP clients where the server does not accept ElementPrefixed or AttributePrefixed content.

xDBC Server

DP-426456: SQL SERVER: prevent customers from overwriting devices

Category: xDBC Server
Platforms: All
Version: 2023.1.3

This change ensures that the variable that stores the TCP or Shared Memory device used by a database driver connection cannot be killed by customer written code.

Changes Introduced in 2023.1.2

Fixed Security Issues

DP-420675

CWE: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Severity: Medium
CVSS Score: 6.1
Version: 2023.1.2

FIXED: A cross site scripting issue has been addressed in particular system CSP classes.

DP-420680

CWE: CWE-274: Improper Handling of Insufficient Privileges
Severity: Medium
CVSS Score: 6.3
Version: 2023.1.2

FIXED: A user with development access may be able to set and kill globals they are not privileged to alter.

DP-421212

CWE: CWE-273: Improper Check for Dropped Privileges
Severity: Medium
CVSS Score: 4.2
Version: 2023.1.2

FIXED: A problem has been corrected where in some rare situations a user might still be able to execute a cached query (Dynamic SQL or xDBC) after a privilege required to execute the cached query's statement had been revoked from the user.

DP-424393

CWE: CWE-285: Improper Authorization
Severity: Medium
CVSS Score: 4.3
Version: 2023.1.2

FIXED: A JDBC user may be able to view the names and descriptions of (but not execute) stored procedures beyond those they are allowed to execute.

Analytics

DP-421736: Prevent entire cube build from failing when individual fact builds fail

Category: Analytics
Platforms: All
Version: 2023.1.2

Previously, when a cube build used a temp file, a build error would result in hung queries an wrong results. This issue has been resolved.

Business Intelligence

DP-422922: Add selectMode property to subject area listings

Category: Business Intelligence
Platforms: All
Version: 2023.1.2

This change adds a selectMode property to the %DeepSee.Model.SubjectArea.listing class.

DP-423287: Adjust notification response to user management actions in Analyzer

Category: Business Intelligence
Platforms: All
Version: 2023.1.2

Previously, a pivot in the Analyzer would be marked with an asterisk, even after it was saved. This change removes the asterisk upon saving to clarify that the pivot has indeed been saved.

DP-423889: Correct timestamp checking logic to reuse DeepSee cache

Category: Business Intelligence
Platforms: All
Version: 2023.1.2

This change corrects an issue that caused wrong results after new data was added, due to the use of a stale cache.

CSP Server

DP-421886: Do not reuse existing CSP Session during authentication

Category: CSP Server
Platforms: All
Version: 2023.1.2

This change ensures that a new CSP session is created when logging into a CSP application with a new username.

In addition, if the "Prevent login CSRF attack" option is enabled for a web application, a session token cannot be passed via the URL.

DP-425074: FIX - authentication from custom login page should persist

Category: CSP Server
Platforms: All
Version: 2023.1.2

This change ensures that sessions on a custom login page when a login failes do not end prematurely in cases where automatic login is built into your custom login page.

Gateways - XSLT

DP-424106: Add "-O -NDEBUG" as optimising compiler flags to xalan.mak makefile

Category: Gateways - XSLT
Platforms: All
Version: 2023.1.2

This change modifies internal compilation flags to optimize code performance.

Interoperability

DP-423129: [Interoperability] Correct error for Email Adapter using SASL XOAUTH when no credentials set

Category: Interoperability
Platforms: All
Version: 2023.1.2

Previously, use of a SASL XOAUTH configuration with the interoperability email outbound adapter would generate an error if a Credentials setting was not required. This issues is now corrected.

DP-425185: Better Handling of Missing Source Errors in DTL

Category: Interoperability
Platforms: All
Version: 2023.1.2

All error statuses that can be set due to a missing source are immediately added to the status code for the transform. If IGNOREMISSINGSOURCE is set to true, the status is still dismissed.

This change also prevents any condition, such as an if or a switch, that compares a virtual document value against empty from setting an error status if the source is missing.

JDBC

DP-425212: SQL SERVER: Report proper length for WHERE clause parameters in an UPDATE statement

Category: JDBC
Platforms: All
Version: 2023.1.2

This change corrects an issue where the parameter from a WHERE clause of an UPDATE statement did not properly report the length for a VARCHAR type value.

Mirroring

DP-423988: Fix Reporting Async won't clear 'active' mirrored DBs when updater encounter error.

Category: Mirroring
Platforms: All
Version: 2023.1.2

This change fixes an issue where DejournalFree() did not clear a mirrored database's active status if it is an Updater and the QID of the Updater is non-zero.

Object Library

DP-421417: Resolve issue with OAuth2 clients in a browser

Category: Object Library
Platforms: All
Version: 2023.1.2

This change fixes an issues that caused problems in OAuth2 clients running in Safari from accessing multiple client applications from different domains.

ObjectScript

DP-424688: nano seconds incorrectly encoded in GUID uuid v1

Category: ObjectScript
Platforms: All
Version: 2023.1.2

This change fixes an error that caused incorrect nanosecond encodings in gloablly unique identifiers (GUIDs).

Security

DP-423994: correct /csp/sys/oauth2 application update logic

Category: Security
Platforms: All
Version: 2023.1.2

This change removes unnecessary entries in the ApplicationChange audit log by correcting an issues in the CreateCSPApplication() method of the OAuth2.Server.Configuration class.

Sharding

DP-419807: Prevent <PRIVATE PROPERTY> error in $system.Sharding.RemoveMirroring when debug is enabled

Category: Sharding
Platforms: All
Version: 2023.1.2

Previously, when sharding debug tracing was enabled, the RemoveMirroring() method in the %SYSTEM.Sharding class would occassionally incorrectly fail with a <PRIVATE PROPERTY> error. This issue has been resolved.

DP-424543: Sharding correctly return caught exceptions from shard-local queries

Category: Sharding
Platforms: All
Version: 2023.1.2

This change fixes an issue that occurred during execution of a shard-local query and occasionally resulted in a exception.

SQL

DP-418265: Fix error when a query uses USING or NATURAL join in subquery

Category: SQL
Platforms: All
Version: 2023.1.2

Previously, there was an issue that caused compile-time errors in subqueries with USING or NATURAL joins. This issue has been corrected.

Fixed a compile-time error when a query uses USING or NATURAL join  in subquery.

DP-419438: FM2Class 2.45 - Add optional VA_SITE field to mapped table

Category: SQL
Platforms: All
Version: 2023.1.2

The change adds a feature to the FM2Class that allows the mapper utility to optionally define a VA_SITE field in the table to contain the station ID of the VA site for the database, which can be useful for determining the source of the data when performing a join from multiple VA or FileMan servers.

DP-421787: SQL SECURITY: Correct Auditing of SQL Privilege failures for re-used xDBC cached queries

Category: SQL
Platforms: All
Version: 2023.1.2

Previously, if a user was not privileged to execute a SQL statement via JDBC or ODBC, the resulting SQL privilege error would not get recorded in the event audit log. This issue has been resolved.

DP-422098: RTPC Truth Value: Use hash instead of log to identify truth value conditions

Category: SQL
Platforms: All
Version: 2023.1.2

This change corrects and issue that caused InterSystems SQL to fail to return matching rows for all types of queries that trigger the RTPC-truth value by changing how the truth value is calculated.

DP-422442: Correct vector datatype for <scalar><op><vector> case

Category: SQL
Platforms: All
Version: 2023.1.2

This change corrects an issue the resulted in incorrect or unnecessary datatype conversions for vector datatypes.

DP-422602: Embedded SQL: Correct colno when declare cursor without an INTO list

Category: SQL
Platforms: All
Version: 2023.1.2

Previously, a cursor-based SQL or FETCH call against a class in a parent-child relationship incorrectly returned data to an INTO list. This issue has been resolved.

DP-422716: Escalate privilege before calling $system.Config.Modifybbsiz from sql internal %qaq* rtn

Category: SQL
Platforms: All
Version: 2023.1.2

Previously, ODBC users required the %Admin_Manage resource, which is not normally assigned to such users, to call $SYSTEM.Config.Modifybbsiz(). This issue has been resovled.

DP-422721: Fix RTPC-outlier bugs: multi fields in condition, multi collations on same field, %COLLATE collation

Category: SQL
Platforms: All
Version: 2023.1.2

This change corrects various issues with the application of outlier values with RTPC, including multiple fields with outliers in a condition, multiple collations specified for the same field, and when the condition includes %COLLATE.

DP-422800: Tune Table: Clear ^||%t PPG before use it

Category: SQL
Platforms: All
Version: 2023.1.2

This change ensures that some process private globals are killed before they are potentially used in a Tune Table command.

DP-422989: Fix a wrong result issue that causes ShowPlan runtime errors

Category: SQL
Platforms: All
Version: 2023.1.2

Previously, there was an issue that occasionally caused runtime errors when using ShowPlan for queries that employ adaptive parallel execution.

DP-422998: Correct "SET:SETOF" datatype

Category: SQL
Platforms: All
Version: 2023.1.2

This change removes a data type conversion that returned incorrect results to SQL queries.

DP-423777: Modify EXTENTSIZE for built in IRISSYS classes to avoid auto-parallel

Category: SQL
Platforms: All
Version: 2023.1.2

This change prevents parallel processing when querying Config.* and Security.* class, due to a collation mismatch issue.

DP-423899: SQL: Correct time/command query stats for cached queries issued via a database driver

Category: SQL
Platforms: All
Version: 2023.1.2

An issue where SQL Runtime Statistics would in some cases report much higher values for commands and time statistics than the actual values.

DP-424043: Do not apply equivalence class transformations for local shard

Category: SQL
Platforms: All
Version: 2023.1.2

This change modifies conditions to verify that sharded queries apply only the proper transformations on the local shard.

DP-424996: Fix <SUBSCRIPT>ptvalue+4^%qaqcpr when compiling a class that calls a UDF

Category: SQL
Platforms: All
Version: 2023.1.2

This change fixes a <SUBSCRIPT> error that arose when compiling some classes that called a user-defined function.

DP-425061: Fix a code generation issue for queries that use APE and call other embedded SQL statements

Category: SQL
Platforms: All
Version: 2023.1.2

This change ensures that queries that employ Adaptive Parallel Execution and call embedded SQL statements do not receive a compile time error.

DP-425273: Move %UpdateSplitCache and %Split from %SQL.Agent to %SYS.WorkQueueMgr

Category: SQL
Platforms: All
Version: 2023.1.2

This change prevents unexpected <PROTECT> error when partitioning globals during SQL parallel execution.

DP-425950: Replace method calls to avoid error

Category: SQL
Platforms: All
Version: 2023.1.2

This change ensures that calls to an internal function that returns sections of a global do not return <METHOD DOES NOT EXIST> errors.

System

DP-422968: Fix UDL to ^oddDEF conversion for Index on Property with quoted name

Category: System
Platforms: All
Version: 2023.1.2

Previously, indexes on properties with quoted names were not rendered consistently or serialized correctly. This issue has been resolved.

VS Code

DP-424221: Save and restore IO redirection state when calling the async Atelier endpoints

Category: VS Code
Platforms: All
Version: 2023.1.2

This change corrects an issue where I/O redirection code called for asynchronous endpoints did not save and restore the previous state, resulting in proper error messages when a class that has errors in it is compiled.

Web Services

DP-423478: %XML Security - allow RetrievalMethod element of Signature KeyInfo element

Category: Web Services
Platforms: All
Version: 2023.1.2

Previously, when decrypting an encrypted XML document, the parsing of the encrypted document would fail if the KeyInfo element contained a RetrievalMethod element. This issue has been resolved.

Changes Introduced in 2023.1.1

Analytics

DP-421585: Limit runtime cache size to avoid excess memory usage

Category: Analytics
Platforms: All
Version: 2023.1.1

This change limits the size that the cache can grow in the %ExecuteForBucket method to control memory usage.

DP-422846: Fix context for plugin in the slicer

Category: Analytics
Platforms: All
Version: 2023.1.1

This change restores internal slicer context available to the %OnCompute method so that plugin context remains consistent.

Business Intelligence

DP-420730: Fix DashboardViewer crash when deleting dashboard

Category: Business Intelligence
Platforms: All
Version: 2023.1.1

This change ensures that deleting a dashboard while viewing it on the DashboardViwer page redirects you back to the UserPortal home page.

CPF File

DP-422404: Handle merge command parsing of "=" as a property value

Category: CPF File
Platforms: All
Version: 2023.1.1

Previously, the CPF parser handled the appearance of an equals sign within a property value. Now, if the property value containing an equals sign is quotes (that is, is a string), the value is set to the entire string.

CSP Server

DP-421318: FIX - delegated authentication fails when encoded=1

Category: CSP Server
Platforms: All
Version: 2023.1.1

Previously, after a failed login, the CSP Server would throw an error rather than returning the desired page. This issue has been resolved.

DataMove

DP-420952: Prevent journal file from being purged when still being used by DataMove

Category: DataMove
Platforms: All
Version: 2023.1.1

This change prevents the system from purging journal files that may still be used by DataMove.

DP-423186: More fix for using ':ds:DBNAME' as the database reference could get stale DB path.

Category: DataMove
Platforms: All
Version: 2023.1.1

Previously, if a database had been removed from an instance and then recreated on a different path, the system would sometimes refer to the stale path. This issue has been corrected.

Embedded Python

DP-420799: Redo exception handling in %SYS.Python::ToList() to catch std:: exceptions better

Category: Embedded Python
Platforms: All
Version: 2023.1.1

This change modifies %SYS.Python.ToList() to throw more informative exceptions.

DP-420838: %Sys.Python::ToList variants should allow passing 64 bits of data for ints from object script $list

Category: Embedded Python
Platforms: All
Version: 2023.1.1

This change allows %SYS.Python.ToList() enables conversion of 64 bits integer values from the ObjectScript $list type to values in a Python list.

DP-420894: Modified embedded python initialization to preserve its env.

Category: Embedded Python
Platforms: All
Version: 2023.1.1

Previously, invoking a Python method to initialize Embedded Python could result in corrupting passed arguments and context. This issue has been resolved.

DP-420966: Object Script Null <-> Python None Support

Category: Embedded Python
Platforms: All
Version: 2023.1.1

Previously, %SYS.Python.ToList() turned values of type null from ObjectScript into the Unkown type, rather than the None type, in Python. This issue has been corrected.

DP-420967: Corrected embedded python object refcount issue.

Category: Embedded Python
Platforms: All
Version: 2023.1.1

Previously, in Embedded Python, an oref object's reference count was increased unnecessarily when it was assigned as a property to another InterSystems IRIS object's property. This issue has been resolved.

DP-421093: In Embedded python, modified to release retained block(s) after possible use.

Category: Embedded Python
Platforms: All
Version: 2023.1.1

With this change, Embedded Python now releases retained blocks after their possible use.

DP-421281: Make sure site-packages inside libpython sys.path on RHEL8 and RHEL9 and SUSE comes both from /usr/local [RH8 only] and also /usr

Category: Embedded Python
Platforms: macOS
Version: 2023.1.1

This change ensures that site-pacakges on Red Hat Enterprise Linux 8 and Red Hat Enterprise Linux 9 come from the /usr/local and /usr folders, ensuring that libpython has proper access to a server-wide Python package ecosystem.

Gateways - XSLT

DP-423870: Pass -O3 optimization to compiler

Category: Gateways - XSLT
Platforms: All
Version: 2023.1.1

This change ensures that the -O3 optimization is passed to the CMAKE build file so the compiler generated higher performant code.

Global Module

DP-422520: Fix process private global referencing the wrong blocks on big-endian (AIX) unicode systems

Category: Global Module
Platforms: AIX
Version: 2023.1.1

Previously, on unicode installations on a big-endian platform, references to a process private global could access data in IRISTEMP that are not part of the global's tree. This issue has been resolved.

Installation

DP-420373: do not restart IIS during Windows installation

Category: Installation
Platforms: All
Version: 2023.1.1

Previously, installing the Web Gateway on a Windows system would require restarting Internet Information Services (IIS). This is no longer the case, so IIS no longer has any downtime.

DP-421353: When converting from Cache, if routines= null then set to 0

Category: Installation
Platforms: All
Version: 2023.1.1

This change ensures that upon upgrade from Cache to InterSystems IRIS, the Routines field in the CPF is set to 0 if no routines had been specified in the Cache CPF.

DP-421455: put iodbc 3.52.15 include files into Unix ODBC kit

Category: Installation
Platforms: UNIX®
Version: 2023.1.1

This change updates the Unix ODBC kit to include an upgraded iodbc version.

DP-422777: [Interoperability] Upgrade to skip legacy data upgrade steps if system namespace or ready default db

Category: Installation
Platforms: All
Version: 2023.1.1

When upgrading, the system now performs checks to avoid running unnecessary steps on read-only namespaces, preventing certain issues that arise when HSSYS is mirrored.

DP-423560: Implement retry logic to address automl "package mismatch" error

Category: Installation
Platforms: All
Version: 2023.1.1

This change ensures that AutoML-related Python dependencies are downloaded once, correcting an issue where each Python package installed all of its recursive dependencies, leading to multiple versions of some packages.

DP-424007: Install automl Python packages all at once with retry loop

Category: Installation
Platforms: All
Version: 2023.1.1

This change ensures that all AutoML Python packages are installed without redundancies by letting pip handle package dependencies.

IF-4581: InterSystems IRIS 2023.1 cannot create FHIR endpoint in Japanese Windows

Category: Installation
Platforms: All
Version: 2023.1.1

This change fixes an issue that prevented Japanese Windows 2019 platforms from correctly creating a new FHIR endpoint.

IntegratedML - Core

DP-421905: Freeze all platforms' automl.mak python dependencies

Category: IntegratedML - Core
Platforms: All
Version: 2023.1.1

This change freezes all AutoML Python package dependencies for each platform to ensure stability.

Interoperability

DP-419770: Avoid memory leak for JDBC connections

Category: Interoperability
Platforms: All
Version: 2023.1.1

Previously, if classpath wasn't specified in EnsLib.JavaGateway.Service, there was a memory leak for the Java gateway process. This issue has been corrected.

DP-421332: [Interoperability Health] Guard against DisableNamespace being called with non uppercase Namespace

Category: Interoperability
Platforms: All
Version: 2023.1.1

Previously, the DisableNamespace() method in the %Library.EnsembleMgr class required a user to pass a namespace in uppercase on InterSystems IRIS for Health instances. Now, you may pass the namespace in any case; the namespace argument is now converted to uppercase.

JDBC

DP-422091: SQL SERVER: Correct timeout for stored procedure execution

Category: JDBC
Platforms: All
Version: 2023.1.1

Previously, stored procedures that were called via JDBC would only time out if the execution of the procedure took too long, not the fetching of the procedure's data (if it returned a result set). This issue has been corrected.

Journaling

DP-422117: Proper string matching in journal record list query

Category: Journaling
Platforms: All
Version: 2023.1.1

This change resolves an issue that caused queries of journal records to return incorrect results when a match involved a string.

DP-423505: release data block before fetching its left neighbor in dejournal prefetching kills

Category: Journaling
Platforms: All
Version: 2023.1.1

This change fixes an issue that, in rare circumstances, caused ongoing dejournal operations to hang. This issue had been present in versions 2020.4, 2021.x, 2022.x, and 2023.1 of InterSystems IRIS®, InterSystems IRIS for Health™, and HealthShare® Health Connect.

Kernel

DP-420857: CPP utf8 conversion to make sure virtual string stack expansion is big enough

Category: Kernel
Platforms: All
Version: 2023.1.1

This change fixes an issue in Embedded Python that prevented jobs from having a large enough string stack for the return value.

Language SDK

DP-423611: Point iris latest to cloudclient 1.2.1

Category: Language SDK
Platforms: All
Version: 2023.1.1

This change upgrades the Cloud Client to version 1.1.2.

DP-423629: Point iris latest to messaging 1.2.2

Category: Language SDK
Platforms: All
Version: 2023.1.1

This change updates the version of the messaging client.

Mirroring

DP-421683: Fix job command when jobbing from a mirror process running in background

Category: Mirroring
Platforms: All
Version: 2023.1.1

This change fixes an issue where a backup mirror member, that has deferred licensing, that was demoted by the primary member would return an error and remain in a stopped state.

Networking

DP-422021: Fix Windows irisconnect parsing of Unix-style LF line endings

Category: Networking
Platforms: UNIX®
Version: 2023.1.1

This change resolves a parsing issue when using the cconnect (on Cache) or irisconnect (on InterSystems IRIS) commands on Windows systems.

Object - .NET Binding

DP-419695: .NET Binding - fix by ref status arguments

Category: Object - .NET Binding
Platforms: All
Version: 2023.1.1

Previously, a generated class that uses the .NET binding could return a null value, rather than a %Status. This issue has been corrected.

ODBC

DP-421361: ODBC GetData should accept %Date value send as full $H value Part 2

Category: ODBC
Platforms: All
Version: 2023.1.1

This change modifies the conversion of a $H value to a %Date value for improved performance.

DP-421591: ODBC GetData to timestamp from complete $horolog

Category: ODBC
Platforms: All
Version: 2023.1.1

This change ensures that the CHAR and WCHAR date-related data passed over ODBC is successfully converted to the TIMESTAMP datatype.

DP-421622: ODBC. Fast Insert fixes for handling 8bit server

Category: ODBC
Platforms: All
Version: 2023.1.1

Previously, the FastInsert feature incorrectly inserted wide characters on an 8-bit server. This issue has been resolved.

Security

DP-422560: HTML encode REST error messages

NOTE: This item may require a change to code, configuration, or operation.

Category: Security
Platforms: All
Version: 2023.1.1

Previously, error messages returned from REST APIs were not HTML encoded. This issue has been corrected.

Sharding

DP-419953: Don't leak refcount lock when sharded update blocked due to tx

Category: Sharding
Platforms: All
Version: 2023.1.1

Previously, if an attempt to updat a sharded table was blocked due to an ongoing transaction, the reference count lock on the update was not released. This issue has been resolved.

DP-422722: Prevent <PROTECT> error when connecting to shards

Category: Sharding
Platforms: All
Version: 2023.1.1

Previously, connecting to shards (for example, in sharded queries) could fail with a <PROTECT> error if the user does not have write access to the "USER" namespace. This issue has been resolved.

DP-422809: Don't generate DISTINCT BY in sharding/parallel query if this query block contains window function

Category: Sharding
Platforms: All
Version: 2023.1.1

This change corrects an issue when the DISTINCT keyword was applied to parallel queries with window functions that caused DISTINCT to apply only to each partition of the window function, rather than the entire query.

SQL

DP-417307: Tune Table block sampling: Don't get all the data blocks for a very large table

Category: SQL
Platforms: All
Version: 2023.1.1

This change optimizes the performance of TUNE TABLE by altering how blocks are sampled.

DP-419045: Set map selectability back to 1 for indexes even if %BuildIndices() fails

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, if an attempt to build indexes failed, the map selectability flag was not correctly reset. This issue has been resolved.

DP-421412: Update property description to reflect FT statement type numbers

Category: SQL
Platforms: All
Version: 2023.1.1

This change updates the documentation of the %StatementTypeName property of the %SQL.StatementResult class and the statementType property of the %SQL.StatementMetadata class with the SQL statement types associated with foreign table DDL statements.

DP-421621: Tune Table: Allow variables in the map global name

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, the Tune Table utility would raise a <FUNCTION> error when called on tables that have non-static data locations. This issue has been resolved.

DP-421629: Use -1 to signal that there is no explicit MAXLEN in ^oddSQL

Category: SQL
Platforms: All
Version: 2023.1.1

This change ensures that flags which indicate no explicit MAXLEN are compatible across releases of InterSystems IRIS.

DP-421760: TT: Fix getting global info if explicit ns or db references to global

Category: SQL
Platforms: All
Version: 2023.1.1

This change ensures that Tune Table gathers statistics on tables that use explicit namespaces or database references to save globals.

DP-421773: In dynamic sql RTPC utility class, resets a flag if error happens in runtime class

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, if an error were thrown in Runtime Plan Choice utility class code in Dynamic SQL, a flag would not be reset properly. This issue has been resolved.

DP-421808: Use $Get(parent extent sql info) in FlattenIrnTree to prevent UNDEFINED error

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, code that determined whether a table needed to be tuned automatically could sometimes throw an error. This issue has been corrected.

DP-422062: Use current ODBCVarcharMaxlen in INFORMATION.SCHEMA.COLUMNS if there is no explicit MAXLEN

Category: SQL
Platforms: All
Version: 2023.1.1

The CHARACTERMAXIMUMLENGTH and CHARACTEROCTETLENGTH fields in the INFORMATION_SCHEMA.COLUMNS table now take the current ODBCMaxlen value if no value has been explicitly specified.

DP-422078: Define index as COLLATE(transformation-spec, truncate-length ) in class definition

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, when a user defined an index as COLLATE(transformation-spec, truncate-length) in a class definition, there was a compile error. This has been changed to allow users to define a truncate length.

DP-422322: Split into multiple lines when setting variables for embedded SQL

Category: SQL
Platforms: All
Version: 2023.1.1

This change splits embedded SQL statements with a large number of fields or variables into multiple lines to avoid a <MAXSTRING> error.

DP-422758: Update handling of host variables when preparsing SQL

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, host variables referenced in an ORDER BY clause were not correctly populated. This issue has been resolved.

DP-422762: Fix compile-time error in columnar post-join with expressions in the aggregates of "onerow" queries

Category: SQL
Platforms: All
Version: 2023.1.1

This change resolves an issue when processing a query that used joins, no groups, aggregates, and an expression as a parameter of an aggregate on tables that use columnar storage.

DP-423183: Only do +-*/ movextnodes if expression/field is in numeric datatype

Category: SQL
Platforms: All
Version: 2023.1.1

Previously, queries that had WHERE conditions of the form '<name> + <num1> <op> <num2>', where name is a non-numeric field, num1 and num2 are numbers, and op is a comparison operation (such as = or <), would return incorrect results. This issue has been resolved.

DP-423583: Fix variable leakage in Adaptive Parallel Execution worker open code that caused IPQ issues

Category: SQL
Platforms: All
Version: 2023.1.1

This change resolves a variable leakage issue that occassionaly occured during parallel query execution.

DP-423667: SQL: Correct code generation issue for COALESCE

Category: SQL
Platforms: All
Version: 2023.1.1

This change corrects an issue that arose when the SQL COALESCE function was called on expressions containing nested COALESCE functions.

System

DP-421067: Don't return error "0" when expiring LDAP users

Category: System
Platforms: All
Version: 2023.1.1

Previously, on systems that had LDAP enabled, it was possible to receive an error message when, in fact, no error had occurred. This issue has been resolved.

DP-421333: Avoid timeout errors in callin mirror routines when deferred licensing is on

Category: System
Platforms: All
Version: 2023.1.1

Previously, when an instance was using deferred user identification—by calling $SYSTEM.License.DeferUserIdentification(1)— and set a mirror to NOFAILOVER, there could be timeout error. This issue has been corrected.

DP-423087: Fix using ':ds:DBNAME' as the database reference could get stale DB path.

Category: System
Platforms: All
Version: 2023.1.1

Previously, if a database had been removed from an instance and then recreated on a different path, the system would sometimes refer to the stale path. This issue has been corrected.

VDoc - XML

DP-422495: [Interoperability] XML VDoc - correct DTL display of schema paths for certain collapsed complex type XSD

Category: VDoc - XML
Platforms: All
Version: 2023.1.1

Previously, when elements with complex types were collapsed, the DTL display of the schema path would be incorrect. This issue has been resolved.

Web Gateway

DP-423305: FIX - add "marked ONLINE" message for load-balancing servers

Category: Web Gateway
Platforms: All
Version: 2023.1.1

When an instance of InterSystems IRIS in a load-balancing configuration cannot be reached due to timeout, the Web Gateway marks it as offiline and logs a message in CSP.log. This change adds a message for when the server is marked as back online and clarifies the message specifying that the instance had gone offline.

For Additional Help

If you need assistance with evaluating how upgrading to this maintenance release will affect your applications, systems, or related plans, please contact the InterSystems Worldwide Support Center:

  • Phone:  +1.617.621.0700
  • Fax:  +1.617.734.9391
  • Email:  support@intersystems.com

Current release notes (and complete product documentation) can be found online at https://docs.intersystems.com.

FeedbackOpens in a new tab