FIRMWARE RELEASE NOTE ===================== Products affected: AXIS C1004-E, C2005 Release date: 2023-04-04 Release type: Production Firmware version: 9.80.22.1 Preceding release: 9.80.3.13.1 -------------------------------------------------------------------------------- Upgrade instructions ==================== NOTE: Upgrade from FW version 1.81.040 or below, directly to 9.80.22.1 is not possible. Customers are advised to upgrade in these steps: 1.65.032 or 1.81.40 -> 1.85.060 -> 9.80.2.2 -> 9.80.22.1 Upgrade the firmware according to the instructions given in howtoupgrade.txt, which is included in the firmware folder or at the firmware portal at https://www.axis.com Corrections in 9.80.22.1 since 9.80.3.13.1 =========================================== 9.80.22.1:C01 New versioning on AXIS OS LTS 2020. For more information, see AXIS OS versioning. https://help.axis.com/en-us/axis-os-release-notes#:~:text=New%20versioning%20on%20AXIS%20OS%20LTS%202020.%20For%20more%20information%2C%20see%20AXIS%20OS%20versioning. 9.80.22.1:C02 General improvements to the LTS-2020 platform. 9.80.22.1:C03 Updated Apache to version 2.4.55 to increase the overall cybersecurity level. 9.80.22.1:C04 Updated CURL to version 7.88.1 to increase overall cybersecurity level. 9.80.22.1:C05 Updated OpenSSL to version 1.1.1t to increase overall cybersecurity level. 9.80.22.1:C06 Corrected an issue affecting some O3C clients, that caused internal authentication requests to fail after a few days of uptime. 9.80.22.1:C07 Improved stability of syslog system by addressing a potential memory leak. 9.80.22.1:C08 Updated time zone database version to 2022g. 9.80.22.1:C09 Receiving ICMP secure redirects from other network hosts are now disabled to increase overall minimum cyber security level. 9.80.22.1:C10 Corrected an issue that caused audio via external VMS to stop working. Limitations in 9.80.22.1, 9.80.3.13.1 and 9.80.3.8.1 ========================================= 9.80.22.1, 9.80.3.13.1 and 9.80.3.8.1 The "System Overview" and "System Settings" options in the device configuration menu may be hidden if the device is not part of an audio system. If you wish to enable these menu options, please start the AXIS Audio Player ACAP (found under the menu option "Services"). Then open the AXIS Audio Player and use the application (e.g. open the volume slider in the lower right corner and adjust the volume) Go back to the device configuration menu and refresh the browser page. The "System Overview" and the "System Settings" options should now be available. Corrections in 9.80.3.13.1 since 9.80.3.8.1 =========================================== 9.80.3.13.1:C01 General improvements to the LTS-2020 platform. 9.80.3.13.1:C02 Upgraded Apache to version 2.4.54 to increase overall cybersecurity level. 9.80.3.13.1:C03 Updated OpenSSL to version 1.1.1q to increase the overall cybersecurity level. 9.80.3.13.1:C04 Corrected CVE-2018-25032. 9.80.3.13.1:C05 Corrected CVE-2021-33910. 9.80.3.13.1:C06 Corrected CVE-2021-29462. 9.80.3.13.1:C07 Corrected CVE-2020-13848. 9.80.3.13.1:C08 Removed an obsolete link to the AXIS Hardening guide in the device configuration web. For more information about AXIS hardening, please visit Axis.com. Corrections in 9.80.3.8.1 since 9.80.3.1 ======================================== 9.80.3.8.1:C01 General improvements to the LTS-2020 platform. 9.80.3.8.1:C02 Upgraded Apache to version 2.4.51 to increase overall cybersecurity level. 9.80.3.8.1:C03 Updated OpenSSL to version 1.1.1l to increase overall cybersecurity level. 9.80.3.8.1:C04 Updated curl to version 7.79.1 to increase overall cybersecurity level. 9.80.3.8.1:C05 Improvements to NTP Sync for unstable networks that allows the NTP device client to adjust itself and allow an overwrite to happen to compensate a possible time difference. 9.80.3.8.1:C06 Fixed a problem where output gain could not be adjusted for SIP-calls. Corrections in 9.80.3.1 since 9.80.2.2 ====================================== 9.80.3.1:C01 General improvements to the LTS-2020 platform. 9.80.3.1:C02 Updated Curl to version 7.73.0 to increase overall cybersecurity level. 9.80.3.1:C03 Updated OpenSSL from version 1.1.1g to version 1.1.1i to increase overall cyber security level. 9.80.3.1:C04 Updated Apache from version 2.4.43 to version 2.4.46 to increase overall cyber security level. 9.80.3.1:C05 Added possibility to retrieve the device Owner Authentication Key (OAK) in the web GUI. Note that this functionality requires that the product have direct access to the internet. 9.80.3.1:C06 Corrected an issue that sometimes made it impossible to edit action rules after upgrade. 9.80.3.1:C07 Corrected an issue where start/stop clip cgi sometimes is not being executed correctly. 9.80.3.1:C08 Corrected an issue where SD cards new from the box or formatted with a file system that is not valid for the device (for example exFAT) the SD card could not be formatted in device configuration web. Corrections in 9.80.2.2 since 1.97.1 ==================================== 9.80.2.2:C01 Updated Apache to version 2.4.43 to increase overall cyber security level. 9.80.2.2:C02 Update OpenSSL to version 1.1.1g to increase overall cyber security level. 9.80.2.2:C03 Corrected an issue that sometimes made it impossible to edit action rules after upgrade. 9.80.2.2:C04 Updated maximum allowed announcements in Axis Audio Player from 70 to 80. 9.80.2.2:C05 Changed the priority between SIP and Media clip so that Media clip has the highest priority. 9.80.2.2:C06 Changes in sound profile for Network Horn Speakers (C3003-E and C1310-E) which results in a change in total system output gain. Approximate dB changes: Total system output gain previous releases <= -24dB -> add +8dB total system output gain in 9.80.2.2. Total system output gain previous releases <= -20dB -> add +6dB total system output gain in 9.80.2.2. Total system output gain previous releases <= -12dB -> add +3dB total system output gain in 9.80.2.2. 9.80.2.2:C07 Rollback - When upgrading the firmware in an Axis product, a restore point of the previous state of the product and its entire configuration is made before the upgrade. This restore point is available to go back to after the firmware upgrade has been performed in case of an unexpected issue. The firmware rollback feature can be found in the Axis product’s web interface under Settings > System > Maintenance.