FIRMWARE RELEASE NOTE ====================== Products affected: Q7424-R MkII Release date: 2024-05-22 Release type: Production Firmware version: 5.51.3.10 Preceding release: 5.51.3.9 -------------------------------------------------------------------------------- Upgrade instructions ==================== Upgrade the firmware according to the instructions given at https://www.axis.com/ca/en/support/technical-notes/how-to-upgrade or howtoupgrade.txt, which is included in the firmware folder. NOTE ==================== For latest information about Axis Cybersecurity, see https://www.axis.com/se/sv/support/product-security. Corrections in 5.51.3.10 since 5.51.3.9 ======================================== 5.51.3.10:C01 Addressed CVE-2024-0066. For more information, please visit the Axis vulnerability management portal. Corrections in 5.51.3.9 since 5.51.3.8 ======================================= 5.51.3.9:C01 Addressed CVE-2023-5677. For more information, please visit the Axis vulnerability management portal. Corrections in 5.51.3.8 since 5.51.3.7 ======================================= 5.51.3.8:C01 Updated OpenSSL to version 1.1.1l to fix CVE-2021-3449 and CVE-2021-3450. 5.51.3.8:C02 Updated pwdgrp.cgi to be RFC compliant to work seamlessly with Home Assistant Systems. 5.51.3.8:C03 Corrected an issue in the Web interface that prevented the creation of an Action Rule with Overlay Text selected as action. 5.51.3.8:C04 Corrected CVE-2021-31987. 5.51.3.8:C05 Added an option to Disable or Enable TLSv1.0 or TLSv1.1 using param.cgi. [IPAddress]/axis-cgi/admin/param.cgi?action=update&root.HTTPS.AllowTLS1=no and [IPAddress]/axis-cgi/admin/param.cgi?action=update&root.HTTPS.AllowTLS11=no 5.51.3.8:C06 Added support for NAS over 2TB. Corrections in 5.51.3.7 since 5.51.3.6 ======================================= 5.51.3.7:C01 Improved robustness of the O3C client. 5.51.3.7:C02 Removed the root users default password in factory defaulted firmware. The password of the root user must be set first in order to initialize VAPIX and ONVIF interfaces to allow further configuration. This change only affects products in its factory defaulted state, products that are already deployed in production systems are not affected by this update until factory defaulted. 5.51.3.7:C03 Corrected an issue that caused event notifications not been triggered on storage disruption. 5.51.3.7:C04 Improved re-connection behavior to OC3 server. The time between failed connection attempts will now gradually increase until a hard limit is reached. 5.51.3.7:C05 A user with administrator rights can now upload PTZ drivers for those cameras supporting this feature. Note that a factory default will be required to remove the old permissions sets from the firmware. 5.51.3.7:C06 Corrected an issue that caused an overload of the CPU after enabling IP adress filtering. Corrections in 5.51.3.6 since 5.51.3.5 ======================================= 5.51.3.6:C01 Corrected an issue that could cause loss of network connections when Energy Efficient Ethernet (EEE) is enabled. Note that one first initial link drop will occur before the connection is stabilized. 5.51.3.6:C02 Corrected common vulnerabilities to increase overall minimum cyber security level. CVE-2010-2960, CVE-2010-4175, CVE-2018-14526. 5.51.3.6:C03 Corrected an issue that caused the action engine to respawn on scheduled triggered action events. 5.51.3.6:C04 Corrected an issue that caused SD cards to become full and write protected on rare occasions. Corrections in 5.51.3.5 since 5.51.3.4 ====================================== 5.51.3.5:C01 Corrected critical vulnerability ACV-128401. 5.51.3.5:C02 Updated R2 GlobalSign Root Certificate to version 20170717. 5.51.3.5:C03 Corrected a issue that let the camera become unresponsive in rare occasions when connected to an AVHS system. Known Bugs/Limitations ====================== 5.51.3.7:L1 Network LEDs on external switches might still be on despite the link being unused. 5.51.3.7:L2 Recording streams to SD Card with a total bit rate above 12Mbit/sec may cause missing frames/sequences. 5.51.3.7:L3 90 and 270 rotation can cause a drop in frame rate. 5.51.3.7:L4 If the device has ongoing continuous recordings and the device is restarted using the restart option in web interface, the current part of recordings(block) can not be accessed or downloaded through the web interface. 5.51.3.7:L5 AXIS Media Control client may stop displaying the H.264 video stream after the PC has been locked. 5.51.3.7:L6 Live view does not work with QuickTime player using default settings. Workaround: Disable Direct3D acceleration in Quicktime. 5.51.3.7:L7 To avoid corrupt recordings, it is recommended to unmount the SD Card before ejecting it. 5.51.3.7:L8 For actions based on PTZ events, it is not possible to use the #P (PTZ preset name) and #p (PTZ preset number) modifiers in the file names for network share uploads. 5.51.3.7:L9 Video overlay text size is a global setting and can not be set for each stream profile. 5.51.3.7:L10 Private keys need to be in a PKCS#1 format in order to function when installing Certificates. 5.51.3.7:L11 Using control queue with Java Applet may result in wrong queue positions if switching between admin and viewer users. 5.51.3.7:L12 On Windows shares, upload paths for events needs to be created on the share before use. 5.51.3.7:L13 AMC with IE10 does not work when using IPv6. 5.51.3.7:L14 Reboot is necessary after enabling SOCKS. 5.51.3.7:L15 When changing active https-certificate, the device needs to be restarted before it becomes active. 5.51.3.7:L16 Time modifiers used in the field "Create folder" is only used upon activation of the rule, hence no new folders are created with the current time during an active rule. To have new folders created with time modifiers you should add them in the "Base filename". 5.51.3.7:L17 Unclear error message when uploading audio clip with already existing name. Supported AXIS VAPIX API Image Resolutions for AXIS Q7424-R =========================================================== Resolution Exceptions ========== ========== 16CIF 1536x1152 2) 4) 1280x960 3) 4) XGA 1024x768 4) D1 720x576 2) 720x480 3) 4CIF 704x576 2) 704x480 3) 2CIF 704x288 2) 704x240 3) CIF 352x288 2) 352x240 3) QCIF 176x144 2) 176x120 3) VGA 640x480 1) analyze 1) 1) Not visible in web user interface 2) PAL mode resolution 3) NTSC mode resolution 4) Available on Quad channel