This firmware is now available. Please visit the product's support page on www.axis.com for the download, full release notes and installation instructions.

↧

AXIS Companion_Recorder, version 9.40.1.2

September 24, 2019, 3:00 pm

≫ Next: AXIS Q3708-PVE, version 6.55.7

≪ Previous: AXIS P7304, version 9.25.1.2

This firmware is now available. Please visit the product's support page on www.axis.com for the download, full release notes and installation instructions.

Features in 9.40.1
================================================================================

9.40.1:F1
Added support for search functionality in help files.

9.40.1:F2
Added support for systemready.cgi which will improve re-connection of the
browser to the web-interface after e.g. powercyle or restart of the product.

9.40.1:F3
Added support for automatic firmware rollback verfication. The user can chose to
select this option prior to performing an firmware upgrade. When chosen, the
product will perform the upgrade and then wait a pre-defined time for the user
to acknowledge the upgrade in the web-interface. If not acknowledged in time,
the product will rollback to its previous firmware.

9.40.1:F4
Added support for the possibility to configure a secondary NTP server in web-
interface under Settings -> System -> Date & Time or via VAPIX Time API.

9.40.1:F5
Removed the root users default password in factory defaulted firmware. The
password of the root user must be set first in order to initialize VAPIX and
ONVIF interfaces to allow further configuration.
This change only affects products in its factory defaulted state, products that
are already deployed in production systems are not affected by this update until
factory defaulted. For more information please see
https://www.axis.com/support/faq/FAQ116429.

9.40.1:F6
Added support for uploading custom firmware certificates in the web-interface
under Settings -> System -> Security in order to allow the Axis product to
accept AXIS developer firmware during firmware upgrade.

9.30.1:F1
TLS1.0 and TLS1.1 is now disabled by default.

9.30.1:F2
Added support for TLSv1.3.

9.30.1:F3
Added support for ACAP2.

9.30.1:F4
Upgraded Apache to version 2.4.39 to increase overall minimum cyber security
level.

9.30.1:F5
It is now possible to upload .PFX formatted certificates with a total size of
102400 bytes. The previous limit was 1/10 of it.

9.30.1:F6
Added support for "Wait at least time x" before re-running an configured action
rule.

9.20.1:F1
Firmware is now signed by AXIS to increase overall minimum cybersecurity level.
More information about Signed Firmware can be found here
https://www.axis.com/support/faq/FAQ116424.

9.20.1:F2
Upgraded Apache to version 2.4.38 to increase overall minimum cyber security
level.

9.20.1:F3
Updated Video Motion Detection to version 4.3.4.

9.20.1:F4
Updated OpenSSL to version 1.1.1a to increase overall minimum cyber security
level.

Corrections in 9.40.1.2
================================================================================

9.40.1.2:C1
Increased system robustness and re-connection behaviour after performing a
firmware upgrade.

↧

AXIS Q3708-PVE, version 6.55.7

September 25, 2019, 3:00 pm

≫ Next: AXIS M3037, version 6.55.2

≪ Previous: AXIS Companion_Recorder, version 9.40.1.2

↧

AXIS M3037, version 6.55.2

September 25, 2019, 3:00 pm

≫ Next: AXIS Q6075-E, version 9.40.1.3

≪ Previous: AXIS Q3708-PVE, version 6.55.7

This firmware is now available. Please visit the product's support page on www.axis.com for the download, full release notes and installation instructions.

NOTE
====================

For latest information about Axis Cybersecurity, see
https://www.axis.com/se/sv/support/product-security.

Corrections in 6.55.2 since 6.55.1.2
=====================================

6.55.2:C01
Removed the root users default password in factory defaulted firmware. The password of
the root user must be set first in order to initialize VAPIX and ONVIF interfaces to allow
further configuration. This change only affects products in its factory defaulted state,
products that are already deployed in production systems are not affected by this update
until factory defaulted.

6.55.2:C02
Corrected an issue that caused snapshot JPEG images to contain erroneous data
and resulting in problems to display them in some viewers.

6.55.2:C03
Increased the limit of concurrent HTTP requests for I/O related VAPIX commands from 4 to
10.

6.55.2:C04
Corrected an issue that prevented the insertion of triggered data in SEI messages when
streaming H.264.

6.55.2:C05
Updated OpenSSL to version 1.0.2s to increase overall minimum cyber security level.

6.55.2:C06
Updated LIBSSH2 to version 1.8.2 due to that version 1.8.1 broke publickey-userauth
requests.

6.55.2:C07
Updated Mozilla ca-certificates to versions available at 20190122.

6.55.2:C08
Corrected security vulnerability in Systemd CVE-2019-6454 to increase overall minimum
cyber security level.

6.55.2:C09
Improved robustness of the O3C client.

6.55.2:C10
Updated Apache to version 2.4.39 to increase overall minimum cyber security level.

6.55.2:C11
Patched the following security vulnerabilities to increase overall minimum cyber security
level: CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3858, CVE-2019-3859,
CVE-2019-3860, CVE-2019-3861, CVE-2019-3862, CVE-2019-3863.

6.55.2:C12
Corrected the following vulnerabilities in order to increase overall minimum cyber
security level: CVE-2018-16865, CVE-2018-16866.

6.55.2:C13
Corrected an issue that prevented the user from uploading a certificate that contains
"Bag Attributes" before and after the actual certificate content.

6.55.2:C14
Corrected an issue that caused event notifications not been triggered on storage
disruption.

6.55.2:C15
Corrected an issue with HTTP response which prevented the camera from streaming on rare
occasions.

6.55.2:C16
Corrected an issues that could cause an incorrect error message when testing HTTP
recipient.

6.55.2:C17
Patched security vulernability in the Linux kernel CVE-2018-17182 to increase
overall minimum cyber security level.

6.55.2:C18
Adjusted re-connection behavior of interrupted AVHS connections on AVHS-server side. The
time between failed connection attempts will now gradually increase until a hard limit is
reached.

6.55.2:C19
Patched the security vulnerability CVE-2017-16544 in BusyBox to increase overall minimum
cyber security level.

6.55.2:C20
Corrected an issue in the ACAP framework that could cause ACAPs to freeze on rare
occasions.

6.55.2:C21
Corrected an issue that could cause corrupted video recordings when UserData or
TriggerData are enabled.

6.55.2:C22
Corrected an issue that could cause incorrect snapshot resolutions on view areas.

6.55.2:C23
Corrected an issue with the Axis event handling interface when deactivating events.

6.55.2:C25
Corrected an issue with incorrect handling of ACAPs after camera boot.

6.55.2:C26
Added Perfect Forward Secrecy ciphers (DHE-RSA) to the ciphers selection.

6.55.2:C27
Patched security vulernability CVE-2018-14526 to increase overall minimum cyber security
level.

6.55.2:C29
Added selection boxes for disabling TLSv1.0 and TLSv1.1 in Settings -> System ->
PlainConfig -> HTTPS to enforce the highest possible HTTPS negotiation client handshake
via TLSv1.2.

6.55.2:C30
Corrected an issue causing CIFS networkshare to become read only on mount on rare
occasions.

6.55.2:C31
Added a Storage Stability Helper service for better handling of Network Shares.

6.55.2:C32
Corrected an issue that caused the I/O API to respond with an incorrect port number.

6.55.2:C34
Corrected an issue that let a user modify capture mode without performing the required
restart during the initial set up of the camera.

6.55.2:C35
Corrected an issue that caused black images on rare occasions when high loads of Events
are sent to the camera.

6.55.2:C36
Corrected an issue that caused problems when testing multiple Email recipients.

6.55.2:C37
Corrected an issue in the trigger data that set Video loss to "Disconnected" as default
initial state even when the camera is initially connected.

6.55.2:C38
Corrected an issue that could cause e-mail recipients to not be formatted correctly.

6.55.2:C39
Updated AXIS Media Control (AMC) version to 7.3.10.1.

6.55.2:C40
Corrected an issue that prevented the user to add the camera to Genetec when HTTPS was
used.

6.55.2:C41
Adds PID/program name to network connection list in the Server Report.

6.55.2:C42
Updated R2 GlobalSign Root Certificate to version 20170717. Required to enable Email
recipients using 'Validate server certificate'.

6.55.2:C43
Added support for certificates with expiration dates beyond year 2038.

6.55.2:C44
Improved camera upgrade stability when configuration files become corrupt in rare
occasions.

6.55.2:C45
Improved user notification when creating a E-mail recipient that contains wrong domain
information.

6.55.2:C46
Corrected an issue that removed an unnecessary warning which was printed in the system log
when a user creates an action rule sending HTTP notification with custom parameter.

6.55.2:C47
Corrected an issue that displayed system-only users as well under System Options ->
Support -> System Overview.

6.55.2:C48
Improved stability when sending VAPIX commands through actionengined.

6.55.2:C49
Corrected an issue that caused a wrong time on the camera when Turkey timezone was
configured and Daylight Saving Time was enabled.

6.55.2:C50
Improved camera stability when using liblicensekey.

6.55.2:C51
Corrected a bug that resulted in 503 Service Unavailable when trying to play a
recording from a camera with a specific time range via ONVIF.

6.55.2:C52
Corrected a bug that added an additional / in the absolute upload path of an
SFTP Recipient when saving the action rule causing it to not work correctly.

6.55.2:C53
Corrected a bug that prevented the user from seeing the ACAP running status and
re-added the Main Page link to open a ACAP in the web-interface under Setup ->
Applications.

6.55.2:C54
Corrected a bug that let the camera send corrupted XML data packages within a
stream which caused a VMS to not record video motion detection coming
from the camera.

6.55.2:C55
The license expiration date of an installed ACAP is now shown correctly again
when running http://ip-address/axis-cgi/applications/list.cgi.

6.55.2:C56
The correct IPv6 router IP-addresses are now shown correctly in the network
interface of the web-interface and in ONVIF responses.

6.55.2:C57
Adjusted the system log messages for the NTP daemon to be more specific and
highlight that there is a time drift instead of an "adjustment".

6.55.2:C58
Corrected an issue that delivered E-Mails send from the camera with a wrong time
zone or a wrong time stamp in the e-mail header.

6.55.2:C59
Corrected an issue with FTP recipients configured with a DNS name instead of a
static IP-address which caused the FTP recipient test or action rule to fail.

6.55.2:C60
Upgrade SSL negotiation in the AVHS client to SSLv23 instead of the deprecated TLSv1.

6.55.2:C61
The triple DES cipher is not selected as DEFAULT in the HTTPS settings to
increase overall cyber security level.

6.55.2:C63
Corrected an issue that changed the IDs of certificates to numbers instead of
keeping the original name.

6.55.2:C64
Corrected an issue that let the camera to become unresponsive in rare occasions
when using privacy masks.

6.55.2:C65
Improved stability for TCP notifications.

6.55.2:C66
Improved HTTP image upload stability in unstable networks.

6.55.2:C67
Improved camera stability when metadata is used.

6.55.2:C68
Corrected Turkey/Istanbul timezone from GMT+2 to GMT+3.

6.55.2:C69
Improved loading of the web interface in unstable networks.

6.55.2:C70
Corrected a bug that prevented from saving an action rule with a mail recipient
that had SSL enabled.

6.55.2:C71
Corrected a bug in the event system that prevented the camera from re-sending
the SMTP notification every 10 seconds in case the receiving server reported an
error.

↧

AXIS Q6075-E, version 9.40.1.3

October 2, 2019, 3:00 pm

≫ Next: AXIS Q6075, version 9.40.1.3

≪ Previous: AXIS M3037, version 6.55.2

This firmware is now available. Please visit the product's support page on www.axis.com for the download, full release notes and installation instructions.

Features in 9.40.1
================================================================================

9.40.1:F1
Added support for H.265 stream profiles to be used in Send Video Clip action
rules.

9.40.1:F2
Added support for search functionality in help files.

9.40.1:F3
Added support for systemready.cgi which will improve re-connection of the
browser to the web-interface after e.g. powercyle or restart of the product.

9.40.1:F4
Added support for average bitrate control (ABR).

9.40.1:F5
Added support for automatic firmware rollback verfication. The user can chose to
select this option prior to performing an firmware upgrade. When chosen, the
product will perform the upgrade and then wait a pre-defined time for the user
to acknowledge the upgrade in the web-interface. If not acknowledged in time,
the product will rollback to its previous firmware.

9.40.1:F6
Added support for the possibility to configure a secondary NTP server in web-
interface under Settings -> System -> Date & Time or via VAPIX Time API.

9.40.1:F7
Removed the root users default password in factory defaulted firmware. The
password of the root user must be set first in order to initialize VAPIX and
ONVIF interfaces to allow further configuration.
This change only affects products in its factory defaulted state, products that
are already deployed in production systems are not affected by this update until
factory defaulted. For more information please see
https://www.axis.com/support/faq/FAQ116429.

9.40.1:F8
Added support for uploading custom firmware certificates in the web-interface
under Settings -> System -> Security in order to allow the Axis product to
accept AXIS developer firmware during firmware upgrade.

9.40.1:F9
Updated Video Motion Detection to version 4.4.0.

9.40.1:F10
Updated Motion Guard to version 2.2.0.

9.40.1:F11
Updated Fence Guard to version 2.2.0.

9.40.1:F12
Updated Loitering Guard to version 2.2.0

9.40.1:F13
Added support for millisecond timestamps in JPEG header.

9.30.1:F1
Added an API for mDNS-SD.

9.30.1:F2
Updated Motion Guard to version 2.1.9.

9.30.1:F3
It is now possible to upload .PFX formatted certificates with a total size of
102400 bytes. The previous limit was 1/10 of it.

9.30.1:F4
Added support for "Wait at least time x" before re-running an configured action
rule.

9.30.1:F5
TLS1.0 and TLS1.1 is now disabled by default.

9.30.1:F6
Added support for source-specific multicast (SSM) via http://ip-address/axis-
media/ssm/media.amp.

The following parameters need to be configured prior to initiating a video
stream via SSM:

Network.RTP.R#.VideoAddress
Network.RTP.R#.VideoPort
Network.RTP.R#.AudioAdress
Network.RTP.R#.AudioPort

9.30.1:F7
Added support for TLSv1.3.

9.30.1:F8
The classic GUI has been deprecated and is now removed to increase overall cyber
security level.

9.30.1:F9
Upgraded Apache to version 2.4.39 to increase overall minimum cyber security
level.

9.30.1:F10
Updated Fence Guard to version 2.1.9.

9.30.1:F11
Updated Video Motion Detection to version 4.3.5.

9.30.1:F12
Updated Loitering Guard to version 2.1.9.

Corrections in 9.40.1.3
================================================================================

9.40.1.3:C1
Corrected an issue that could cause false RAM memory initialisation during boot-
up on rare occasions.

↧