FIRMWARE RELEASE NOTE ====================== Products affected: P1280-E/P1290-E Release date: 2019-03-14 Release type: Production Firmware version: 8.40.1.2 Preceding release: 8.40.1.1 -------------------------------------------------------------------------------- Upgrade instructions ==================== Upgrade the firmware according to the instructions given at https://www.axis.com/ca/en/support/tecnical-notes/how-to-upgrade or howtoupgrade.txt, which is included in the firmware folder. NOTE ==================== For latest information about Axis Cybersecurity, see https://www.axis.com/se/sv/support/product-security. Corrections in 8.40.1.2 since 8.40.1.1 ======================================= 8.40.1.2:C01 General minor improvements to the 8.40 LTS platform. 8.40.1.2:C02 Corrected an issue that could cause the camera to get unresponsive when two clients are streaming over multicast using the same streaming parameters. 8.40.1.2:C03 Upgraded Apache to version 2.4.38 to increase overall minimum cyber security level. 8.40.1.2:C04 Corrected an issue that could corrupt part of the image at low resolutions. 8.40.1.2:C05 Corrected an issue with Always Multicast over IPv6. 8.40.1.2:C06 Corrected an issue that caused factory default settings to not be applied correctly when upgrading from a firmware version prior to 6.20. 8.40.1.2:C07 Corrected an issue in the web GUI that caused IO Port values to be displayed incorrectly. 8.40.1.2:C08 Improved re-connection behavior to AVHS server. The time between failed connection attempts will now gradually increase until a hard limit is reached. 8.40.1.2:C09 Corrected an issue that prevented usage of the same port for two different multicast streams. 8.40.1.2:C10 Improved list.cgi to display all installed applications (no longer limited to 8). 8.40.1.2:C11 Corrected an issue with pre-installed applications using startmode set to "never". 8.40.1.2:C12 Corrected an issue that could cause an incorrect error message when testing HTTP recipient. 8.40.1.2:C13 Corrected an issue that could cause corrupted video recordings when UserData or TriggerData are enabled. 8.40.1.2:C14 Improved stability in the httptest.cgi. 8.40.1.2:C15 Corrected an issue that caused an HTTP-recipient based action rule to fail when the response from the server excluded the textual phrase (Example: HTTP 200). This will work now. 8.40.1.2:C16 Added Firmware Recovery (Firmware Rollback) information to the server report. Corrections in 8.40.1.1 since 8.40.1 ===================================== 8.40.1.1:C01 Corrected an issue that produced corrupted JPEG file data while the image itself was good. 8.40.1.1:C02 Corrected an issue that prevented the user from uploading a certificate that contains "Bag Attributes" before and after the actual certificate content. 8.40.1.1:C03 Corrected an issue in the ACAP framework that could cause ACAPs to freeze on rare occasions. 8.40.1.1:C04 Patched the following security vulnerabilities to increase overall minimum cyber security level: CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879, CVE-2018-10880, CVE-2018-10881, CVE-2018-10882, CVE-2018-10883. 8.40.1.1:C05 Updated to OpenSSL version 1.0.2p to increase overall minimum cyber security level. 8.40.1.1:C06 Updated Apache to version 2.4.35 to increase overall minimum cyber security level. 8.40.1.1:C07 Patched security vulernability CVE-2018-17182 to increase overall minimum cyber security level. 8.40.1.1:C08 Corrected an issue that caused streams to fail on rare occasions when changing color palette. 8.40.1.1:C09 Corrected an issue that caused upload of Axis People Counter via curl to fail in rare occations. New features in 8.40.1 ================================================================================ 8.40.1:F1 Renamed "Browser Stream Statistics" to "Client Stream Information". The Client Stream Information are available in the web-interface of the camera. 8.40.1:F2 Updated apache webserver to version 2.4.33 to increase overall minimum cyber security level. 8.40.1:F3 Added support for AES-CBC 256-bit SD card encryption. 8.40.1:F4 AXIS Video Motion Detection 4.2.5 is now pre-installed. 8.40.1:F5 Updated help files with more detailed information about SMB and Certificate support in AXIS products. 8.40.1:F6 Added a new section "Snapshot of current CPU utilization" that prints information about CPU utilization and memory consumption of processes in the server report. 8.40.1:F7 Changed the default timeout of HTTP-Recipient based action rules from 10s to 120s to compensate for unstable networks or slow clients. After the timeout is reached, the action rule will be re-tried. Features in 8.30.1 ================================================================================ 8.30.1:F1 Added the possibility for the user to share anonymous usage data with AXIS developers. 8.30.1:F2 Added support for automatically negotiating the preferred SMB protocol version with SMB 2.1 or higher in order to increase the overall minimum cybersecurity level. Please refer to the follwing FAQ for more information -> https://www.axis.com/support/faq/FAQ116392. In case SMB 1.0 or SMB 2.0 is required due to compatibility issues, we recommend setting the Extra Mount Options in PlainConfig -> Storage to a specific version"vers=x.y" (e.g vers=1.0 or vers=2.0). Please note that there are two Storage groups that are related to a mounted network share (normally Storage S1 and Storage S2) and both of them need to have the correct version in Extra Mount Options. 8.30.1:F3 Updated OpenEmbedded to version Poky Rocko to increase overall cyber security level. 8.30.1:F4 Updated the maximum number of recipients for action rules to 20 from 10. 8.30.1:F5 Changed the default setting of SRTP to disabled in order to reduce the number of ports opened by default. 8.30.1:F6 AXIS Video Motion Detection 4.2.4 is now pre-installed. 8.30.1:F7 Prepared support for signed firmware to increase overall cyber security level. It is planned that the product will only accept AXIS security-signed firmware starting in Q1/Q2 2019 and onwards. Corrections in 8.40.1 ================================================================================ 8.40.1:C1 Corrected an issue with incorrect handling of ACAPs after camera boot. 8.40.1:C2 Corrected an issue that prevented the user from formatting SD cards and the web- interface to show incorrect information about network share status in Settings -> System -> Storage. 8.40.1:C3 Added selection boxes for disabling TLSv1.0 and TLSv1.1 in Settings -> System -> PlainConfig -> HTTPS to enforce the highest possible TLS version for HTTPS-based connections. 8.40.1:C4 Corrected an issue that could cause a network share to become read-only. 8.40.1:C5 Corrected an issue that prevented the overlay to show the correct state of inputs when toggling. 8.40.1:C6 Corrected an issue in the ACAP framework that caused installed ACAPs to become unresponsive and the Apps tab not to be shown correctly. 8.40.1:C7 Corrected an issue that let the network share test under Events -> Recipient fail when a NAS was connected that only supports SMB 1.0 or SMB 2.0. 8.40.1:C8 Corrected an issue that caused AXIS Perimeter Defender or SafeZoneEdge to stop working after a firmware upgrade. 8.40.1:C9 Corrected an issue that caused the certificate signing request not to have an LF (alt. CR-LF) every 64th character causing the certificate considered not being valid e.g. when using symantec certificates. 8.40.1:C10 Corrected an issue that prevented the user from creating a Recipient when a "-" sign was present in the host name. 8.40.1:C11 Corrected an issue that could cause the configuration file upload from ADM to camera to fail. 8.40.1:C12 Corrected an issue that prevented the user to export recordings in the desired time range. 8.40.1:C13 Patched security vulnerability CVE-2018-5390 to increase overall minimum cyber security level. 8.40.1:C14 Patched security vulernability CVE-2018-14526 to increase overall minimum cyber security level. Corrections in 8.30.1 ================================================================================ 8.30.1.1:C1 Corrected an issue that caused the web-interface to show either none or wrong information about the network share status after mounting a share in Settings -> System -> Storage. Previously the user needed to refresh the browser page via F5 in order to get the correct information shown. 8.30.1.1:C2 Corrected an issue that caused AXIS Perimeter Defender or SafeZoneEdge to stop working after a firmware upgrade. 8.30.1.1:C3 Corrected an issue in the ACAP framework that caused installed ACAPs to become unresponsive on rare occasions and the Apps tab to not be shown correctly. 8.30.1.1:C4 #Affected Products #M5525-E Corrected an issue that prevented the camera from finding good focus on rare occasions. 8.30.1:C1 Corrected an issue that could display wrong possible maximum FPS in Settings -> Image. 8.30.1:C2 Corrected an issue that caused the camera to become unresponsive on rare occasions when running ACAPs without specified ApplicationId. 8.30.1:C3 Increased user awareness when converting legacy overlays to dynamic overlays. A restart of ongoing recordings is required after overlay conversion. 8.30.1:C4 Corrected an issue with the Axis event handling interface when deactivating events. 8.30.1:C5 Updated OpenSSL to version 1.0.2o to increase overall minimum cyber security level. Known Bugs/Limitations ================================================================================ 8.40.1.2:L1 It is recommend to refresh the browser with F5 after doing a FW upgrade from FW 6.xx to 8.xx or higher in order to show all the new settings in the web- interface. 8.30.1.1:L1 When using the Edge or Firefox web browser automatic license installation doesn't work as expected. 8.30.1.1:L2 Some parts of the web-interface may not be fully translated. 8.30.1.1:L3 It is not possible to update the product using Genetec 5.7 SR2. Genetec will provide a patch in 5.7 SR3. Supported AXIS VAPIX API Image Resolutions for P1280-E/P1290-E ================================================================================ Resolution Exceptions ========== ========== 640x480 480x360 384x288 320x240 240x180 208x156 176x144 160x120 352x288 1) 352x240 1) 240x135 1) 192x144 1) 176x120 1) 80x60 1) 1) Not visible in web user interface