#Alerts

Beginning with the release of InterSystems IRIS® data platform 2022.3, InterSystems corrected the license enforcement mechanism to include REST and SOAP requests. Due to this change, environments with non-core-based licenses that use REST or SOAP may experience greater license utilization after upgrading. To determine if this advisory applies to your InterSystems license, follow the instructions in the FAQ linked below.

This table summarizes the enforcement:

InterSystems has encountered a defect that causes some upgrades of HealthShare® Health Connect to fail. This only affects instances that are not licensed for the use of FHIR® and that have interoperability-enabled namespaces. Under these conditions, the upgrade fails with an <HSFHIRErr> error.

This defect only impacts upgrades to version 2024.1 of HealthShare Health Connect.

The affected version, 2024.1.0.263.0, has been removed from distribution.  A new Point Release is available:

In evaluating an IBM Support notification, InterSystems has determined a potential impact for our customers. The notification in question is:

Memory Leak in std::string for programs built with xlclang++ 16.1.0 in the presence of the 17.1.1 libc++.a

This issue affects versions 2022.x and 2023.x of

• InterSystems IRIS® data platform
• InterSystems IRIS for Health™
• HealthShare® Health Connect

It also affects other InterSystems products based on the InterSystems IRIS family of products.

InterSystems has corrected two defects regarding connectivity. These defects and their corrections are independent of each other.

This alert addresses them both because there are point releases containing both corrections.

Both defects only impact versions 2019.1.4 and 2020.1.4 of:

• InterSystems IRIS®
• InterSystems IRIS for Health™
• HealthShare® Health Connect

Neither defect impacts any released version of HealthShare Unified Care Record®, Information Exchange, Health Insight, Patient Index, Provider Directory, Care Community, Personal Community, or Healthcare Action Engine.

InterSystems has corrected two defects.

The first defect can cause an ECP application server to hang. This defect is only relevant to ARM and IBM Power processors; it is present in version 2022.1.2 and 2022.1.3 of InterSystems IRIS®, InterSystems IRIS for Health™, and HealthShare® Health Connect. The correction is identified as DP-423661. The defect is addressed in all future versions. 

InterSystems has corrected a defect that causes increased process memory usage.

Specifically, the increased consumption of local process partition memory occurs when executing $Order,  $Query, or Merge on local variables.  While this will have no detrimental impact for most running environments, environments that support a large number of processes or closely limit Maximum Per-Process Memorycould be impacted.  Some processes may experience <STORE> errors.

This post is part of the HealthShare HS2022-01 Alert communications process.  The same information is also distributed:

• By Email
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

There are 22 alerts in the HealthShare HS2022-01 Alert communication.  The Alert Summary is in the table below, and the detail is contained in the attached document: HS2022-01-Communication

December 13, 2021 - Advisory: Vulnerability in Apache Log4j2 Library Affecting InterSystems Products

InterSystems is currently investigating the impact of a security vulnerability related to Apache Log4j2.

The vulnerability — impacting at least Apache Log4j2 (versions 2.0 to 2.14.1) — was recently announced by Apache and is reported in the United States National Vulnerability Database (NVD) as CVE-2021-44228 with the highest severity rating, 10.0.

Please see this page for more details about the vulnerability and updates on whether InterSystems Products are affected.

November 19, 2021 - Advisory: Apache Web Server provided with InterSystems kits – Vulnerability reports

InterSystems kits include an Apache web server, which provides a convenient way for customers to interact with the Caché/IRIS Management Portal without needing to install an external web server; however, this web server should never be used for production instances, and customers must install a web server that fits their specific needs and security/risk requirements.

October 26, 2021 – Alert: Missing Locks after ECP Database Server Restart or Failover

InterSystems has corrected a defect that can violate application locking guarantees in a distributed cache cluster (ECP configuration), which can lead to application integrity issues. This defect affects:

• All major releases and maintenance versions of InterSystems IRIS and InterSystems IRIS for Health, starting with 2020.1.0

The defect can only occur when an application server successfully performs ECP recovery after a restart or failover of the data server, as follows:

July 21, 2021 – Alert: Incorrect Query Results with Non-Standard ‘GROUP BY’ Query

InterSystems has corrected a defect that can cause incorrect query results. This defect affects:

• All major releases and maintenance versions of InterSystems IRIS and InterSystems IRIS for Health, starting with 2019.1.0

A query block may encounter the defect only if it meets all the following conditions:

Dear HealthShare Customer:

This post is part of the HealthShare HS2021-03 Alert communications process.  The same information is also distributed:

• By Email to HealthShare customers
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

March 23, 2021 – Alert: Potential Data Integrity Issue with Mirror Dejournaling

InterSystems has corrected a defect that can cause data inconsistency issues on non-primary mirror members in extremely rare circumstances. This defect affects all released versions of InterSystems products.

InterSystems has identified an issue with product distributions containing Certificate Authority certificates that expire at the end of 2020. This issue does not affect system operation or system security in any way, although it does generate alerts about expiring certificates in the cconsole.log or messages.log files. The messages may be ignored and there are instructions below to eliminate them.

The issue affects the following versions:

February 11, 2021 – Advisory: Incomplete Query Results with ‘ORDER BY <row ID field> DESC’ – HealthShare

InterSystems has corrected a defect that can cause incomplete query results.  This defect affects the platforms underlying HealthShare and HealthShare Health Connect:

• InterSystems IRIS and InterSystems IRIS for Health 2019.1.0, 2019.1.1, and 2020.1.0

See Alert: Incomplete Query Results with ‘ORDER BY <row ID field> DESC’ for further detail

February 11, 2021 – Alert: Incomplete Query Results with ‘ORDER BY <row ID field> DESC’

InterSystems has corrected a defect that can cause incomplete query results. This defect affects:

• InterSystems IRIS and InterSystems IRIS for Health 2019.1.0, 2019.1.1, 2019.2, 2019.3, 2019.4, 2020.1.0, 2020.2, and 2020.3
• HealthShare Health Connect 2019.1.0, 2019.1.1, 2020.1.0
• HealthShare Products 2019.2, 2020.1 and 2020.2

Dear HealthShare Customer:

This post is part of the HealthShare HS2020-09 Alert communications process.  The same information is also distributed:

• By Email
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

There are 3 alerts in the HealthShare HS2020-09 Alert communication.  The Alert Summary is in the table below, and the detail is contained in the document: HS2020-09-Communication

This message contains six recent HealthShare Advisories, which are available below.

InterSystems has corrected a defect that may cause Windows Telnet processes that are secured using SSL/TLS to hang indefinitely; this may then cause an instance to become unresponsive. This defect is present only on Windows platforms.

This defect affects:

• Caché and Ensemble 2018.1.4
• HealthShare Health Connect (HSAP) 15.032 built on C/E 2018.1.4
• InterSystems IRIS and InterSystems IRIS for Health 2020.3

Dear HealthShare Customer:

This post is part of the HealthShare HS2020-08 Alert communications process.  The same information is also distributed:

• By Email
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

There are 2 alerts in the HealthShare HS2020-08 Alert communication, and outlined in the Alert Summary table below.  The detail is contained in the attached document: HealthShare HS2020-08.

These alerts do not affect HealthShare Health Connect or HSAP customers

This message contains four recent HealthShare Advisories, which are available below.

• Advisory: FHIR Medication asNeededBoolean Not Always Correct
• Advisory: Clinical Viewer and Management Portal Log Out Synchronization Issue
• Advisory: Failure to access linkage engine libraries in Patient Index
• Advisory: Failure to access linkage engine libraries in Provider Directory

These advisories are also on the InterSystems Product Alerts and Advisories page

InterSystems has corrected a defect that can cause a build-up of orphaned processes consuming system resources. In extreme cases, this can cause a system to become unresponsive.

This defect affects the following versions:

• Caché and Ensemble 2018.1.4
• InterSystems IRIS and InterSystems IRIS for Health 2019.4, 2020.1, and 2020.2
• HealthShare Health Connect (HSAP) 15.032 built on Ensemble 2018.1.4
• HealthShare Health Connect 2020.1

This message contains two recent HealthShare Advisories, which are available below.

• Advisory: Consent API allows for the creation of consent policies for non-existing MPI IDs
• Advisory: Issue with Consent Processing in the Operational Data Store

These advisories are also on the InterSystems Product Alerts and Advisories page

September 1, 2020 – Advisory: Consent API allows for the creation of consent policies for non-existing MPI IDs

This message contains three recent HealthShare Advisories, which are available below.

• Advisory: ODS Not Storing Observations When Terminology Translations Are Used
• Advisory: Composite Record Definition Must Reference Implemented Linkage Definition
• Advisory: Potential for Outdated Terms of Use to be Presented in Personal Community

These advisories are also on the InterSystems Product Alerts and Advisories page

June 30, 2020 – Advisory: ODS Not Storing Observations When Terminology Translations Are Used

InterSystems has corrected a defect that can lead to missing resource data in FHIR search results.

This problem exists for:

• HealthShare Unified Care Record 2020.1.0 b7015

This defect occurs due to an incorrect resource being deleted from the search index. Subsequent FHIR Resource requests against the FHIR Repository may return incomplete results due to that missing index. Any type of FHIR resource data can be lost, and depending on when the defect occurs, the same FHIR request could return different result sets.

InterSystems has corrected a defect that can cause FHIR searches to return incomplete results. The defect manifests because a FHIR update interaction deletes an incorrect resource from the search index. Although the data still exists in the repository, subsequent searches may return incomplete results due to the missing entry in that index.

Dear HealthShare Customer:

This post is part of the HealthShare HS2020-06 Alert communications process.  The same information is also distributed:

• By Email
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

There are 2 Health Insight alerts in the HealthShare HS2020-06 Alert communication.  The Alert Summary is in the table below, and the detail is contained in the attached document: HS2020-06-Communication

Dear HealthShare Customer:

This post is part of the HealthShare HS2020-05 Alert communications process.  The same information is also distributed:

• By Email
• On the Product Alerts & Advisories page
• On the WRC Distribution Page InterSystems Documents

There are 3 alerts in the HealthShare HS2020-05 Alert communication, including the previously posted "Alert: Possible Data Integrity Issues with Online Backup of Large Databases"  The Alert Summary is in the table below, and the detail is contained in the attached document: HS2020-05-Communication

InterSystems has corrected two defects that affect online backup of very large databases. Backups taken via external methods, such as snapshots or direct file copies, are not affected. These defects exist in all released versions of all InterSystems products.

The first defect only affects databases with more than 2³¹ blocks. It results in a degraded database after restoring from an online backup. For example, databases that have a block size of 8 KB (the default) are only affected if they are larger than 16 TB. The correction for this defect is identified as RJF437.

This message contains three recent HealthShare Advisories, which are available below.

These advisories are also on the InterSystems Product Alerts and Advisories page

• Advisory: A manager from one facility could view users from another facility
• Advisory: Significant Performance Issues with ListEncounterRelationships()
• Advisory: The Lab Results Table in Clinical Viewer does not display "IM" results.

May 12, 2020 - Advisory: A manager from one facility could view users from another facility