FIRMWARE RELEASE NOTE ====================== Products affected: AXIS Q3708-PVE Release date: 2024-02-14 Release type: Production Firmware version: 6.55.10 Preceding release: 6.55.9 -------------------------------------------------------------------------------- Upgrade instructions ==================== Upgrade the firmware according to the instructions given at https://www.axis.com/ca/en/support/technical-notes/how-to-upgrade or howtoupgrade.txt, which is included in the firmware folder. NOTE ==================== For latest information about Axis Cybersecurity, see https://www.axis.com/se/sv/support/product-security. Corrections in 6.55.10 since 6.55.9 ======================================= 6.55.10:C01 Updated Apache to version 2.4.58 to increase the overall cybersecurity level. 6.55.10:C02 Netd Service now preserves the static resolver configuration even after a soft restore, safeguarding static DNS/Search domain settings. 6.55.10:C03 Addressed CVE-2024-0054. For more information, please visit the Axis vulnerability management portal. 6.55.10:C04 Updated curl to version 8.4.0 to increase overall cybersecurity level. 6.55.10:C05 Corrected CVE-2023-21418. For more information, please visit the Axis vulnerability management portal. 6.55.10:C06 Updated OpenSSL to version 1.1.1w to increase overall cybersecurity level. 6.55.10:C07 Corrected CVE-2023-21415. For more information, please visit the Axis vulnerability management portal. 6.55.10:C08 Resolved an issue where the respawn daemon incorrectly managed restarts for ACAP services, notably in situations with multiple acaps running simultaneously. 6.55.10:C09 Added proxy configuration support to the Owner Authentication Key (OAK) cgi using group root.RemoteService, simplifying setup on networks requiring proxy servers for Internet access and improving the authentication process. 6.55.10:C10 Added support for a second client certificate. 6.55.10:C11 Corrected an issue affecting some O3C clients, that caused internal authentication requests to fail after a few days of uptime. 6.55.10:C12 Disabled secure redirects from other network hosts net.ipv4.conf.all.secure_redirects & net.ipv4.conf.default.secure_redirects to increase overall minimum cybersecurity level. 6.55.10:C13 Corrected CVE-2018-25032. 6.55.10:C14 Corrected an issue where 802.1X would not trust the intermediate certificate authority (CA). 6.55.10:C15 Updated wpa-supplicant to version 2.10 to increase overall minimum cybersecurity level. 6.55.10:C16 Receiving ICMP redirects from other network hosts are now disabled to increase overall minimum cybersecurity level. 6.55.10:C17 Corrected an issue with uploading RSA certificate with PKCS#8 formatted private keys. 6.55.10:C18 Corrected an issue that caused the Send images event to stop uploading towards a FTP server when the filename included a space (" "). 6.55.10:C19 Improved handling of empty recordings. 6.55.10:C20 Corrected CVE-2019-15916. 6.55.10:C21 Corrected CVE-2020-13848. 6.55.10:C22 Corrected CVE-2021-29462. Corrections in 6.55.9 since 6.55.8 ======================================= 6.55.9:C01 Extended the 802.1x EAP-Identity field character limit from 32 to 128 characters. 6.55.9:C02 Updated Apache to version 2.4.48 to increase overall cybersecurity level. 6.55.9:C03 Corrected CVE-2021-31987. 6.55.9:C04 Updated OpenSSL to version 1.1.1l to increase overall minimum cybersecurity level. 6.55.9:C05 Corrected CVE-2019-12450. 6.55.9:C06 Corrected CVE-2021-31986. 6.55.9:C07 Updated curl to version 7.78.0 to increase overall cybersecurity level. 6.55.9:C08 Corrected an issue that caused video clients such as VLC to not display a low-FPS video stream due to missing base FPS info in VUI timing info. 6.55.9:C09 Corrected CVE-2021-27219 6.55.9:C10 Corrected CVE-2021-27218. 6.55.9:C11 Corrected CVE-2021-31987. 6.55.9:C12 Updated OpenSSH to version 8.6p1 to increase the overall minimum cybersecurity level. 6.55.9:C13 Corrected CVE-2021-31988. 6.55.9:C14 Capture Alignment now works via the web user interface again. Known Bugs/Limitations ================================================================================ 6.55.10:L1 WDR Forensic Capture is only possible when the Exposure control setting is set to Automatic. Any settings done in non WDR Forensic Capture mode will be invisible when in WDR Forensic Capture mode. 6.55.10:L2 Capture Alignment adjustments may cause a sensor to display the wrong colors. It should be corrected by the exposure algorithm after a short period. Supported AXIS VAPIX API Image Resolutions for AXIS Q3708-PVE ================================================================================ Resolution Exceptions ========== ========== 2560x1920 3) 2560x1440 2) 1920x1080 2) 1600x1200 3) 1280x960 3) 1280x720 2) 1024x768 3) 800x600 3) 800x450 2) 640x480 3) 640x360 2) 480x360 3) 480x270 2) 320x240 3) 768x576 1) 3) 704x576 1) 704x480 1) 384x288 1) 3) 352x240 1) 176x144 1) 176x120 1) 80x60 1) 1) Not visible in web user interface 2) QHD 2560x1440 (16:9) 3) 5 MP 2560x1920 (4:3)