FIRMWARE RELEASE NOTE ======================== Products affected: P1455-LE-3 Release date: 2021-09-20 Release type: Production Firmware version: 10.7.0 Preceding release: 10.6.7 -------------------------------------------------------------------------------- Upgrade recommendations ======================== When updating the device, it is recommended to do an intermediate upgrade using an available AXIS OS LTS-release on the way to the desired AXIS OS version. For example, if the device currently is running AXIS OS 7.40 and you want to upgrade to the latest AXIS OS Active Track (Example: 10.1, October 2020) then you should do the upgrade in these steps: 7.40 => 8.40 LTS => 9.80 LTS => 10.1. More detailed recommendations can be found in the AXIS OS portal at https://www.axis.com/support/firmware. Upgrade the firmware according to the instructions given in howtoupgrade.txt, which is included in the firmware folder or according to instructions at https://www.axis.com/support/firmware. NOTE ======================== For latest information about Axis Cybersecurity, see: https://www.axis.com/support/product-security New features in 10.7.0 ================================================================================ 10.7.0:F1 ACAPs containing a manifest.json file are now fully supported. The manifest.json file contains settings and parameters for the application. The older package.conf file is still supported. 10.7.0:F2 Axis Object Analytics 1.0.28 is preinstalled. - Relaxed requirements on cgi calls with empty "params" field to match documented VAPIX API. - Fix for buildup of consumed memory over time when specifically using AnyMotion in a crowded scene. 10.7.0:F3 Added support for .ogg and .opus encoded mediaclips. 10.7.0:F4 Net-SNMP is now the new SNMP backend for AXIS OS devices and will replace the legacy SNMP backend that was used previously. Net-SNMP provides significant higher security mechanism and authentication for SNMPv3 than previously could be provided. Highlights and other changes: - The default "initial"-user is now pre-configured with SHA-1 and AES-128 authentication/privacy compared to MD5 and DES previously. A factory default is required in order to use the new security settings. - Added support for SHA-1, SHA-256, SHA-384, SHA-512 for authentication and AES-128, AES-256 for privacy. For additional configuration of these methods, please contact the Axis Support Helpdesk. - A firmware upgrade to AXIS OS 10.7 with SNMP enabled will migrate the configured SNMP settings except the SNMPv3 user access configuration. - Added support for switching between either UDP or TCP as transport protocol during runtime via the VAPIX parameter SNMP.TransportProtocol in Plain Config -> SNMP - Multiple SNMPv3 users as well as corresponding different access-role configurations are currently not supported. 10.7.0:F5 Added support for MQTT subscription. With this support, it will be possible to use incoming MQTT messages as action triggers in the rule engine of the new preview web GUI. 10.7.0:F6 Extended the 802.1x EAP-Identity field character limit from 32 to 128 characters. 10.7.0:F7 Added optional API status property in VAPIX API Discovery JSON response body. 10.7.0:F8 Updated Apache to version 2.4.48 to increase overall cybersecurity level. 10.7.0:F9 Updated OpenSSL to version 1.1.1l to increase overall minimum cybersecurity level. 10.7.0:F10 Updated Video Motion Detection to version 4.5.1. Fixed a streaming issue on configuration web page on some products. Features in 10.6.7 ================================================================================ 10.6.0:F1 MQTT subscription support added. With this support, it will be possible to use incoming MQTT messages as action triggers in the rule engine. 10.6.0:F2 Added the possibility to show Day night Information switch in overlay text by using #dn. This will show both the current value and the threshold value for the day/night change. 10.6.0:F3 Updated AXIS License Plate Verifier to 2.1.0. 10.6.0:F4 Added option to select which overlay should be used in a stream profile. 10.6.0:F5 Added "Audio clip playing" as a new condition in event system. 10.6.0:F6 HTTPS Ciphers are checked and unsupported ciphers removed on standard firmware upgrade 10.6.0:F7 Added a parameter to disable Apache & OpenSSL version in HTTP(S) responses in Plain Config -> System. 10.6.0:F8 Upgraded OpenSSL to 1.1.1k to increase overall minimum cyber security level. 10.6.0:F9 Updated Video Motion Detection to version 4.5.0. 10.6.0:F10 Added support for ONVIF profile M 10.6.0:F11 Support of stream specific legacy overlay is removed on Artpec platform. With this change, the URL option for both legacy image and text overlay will not be supported any more on Artpec platform. 10.5.0:F1 RTSP and HTTP stream URL:s now allow for filtering overlays based on overlay type. This is done by setting 'overlays=' in the URL (only one value). 10.5.0:F2 OpenSSL upgraded to 1.1.1j to fix CVE-2021-23841 and CVE-2021-23840. Corrections in 10.7.0 ================================================================================ 10.7.0:C1 Corrected CVE-2021-31986. 10.7.0:C2 Corrected CVE-2021-31987. 10.7.0:C3 Corrected CVE-2021-31988. 10.7.0:C4 Corrected an issue that prevented legacy motion detection from working. 10.7.0:C5 Corrected an issue with MQTT subscriptions when reconnecting. 10.7.0:C6 Corrected MQTT default message so it no longer starts with an empty string. 10.7.0:C7 Corrected an issue that caused the "Anonymous viewer" functionality to be removed after upgrade to 10.6.0. 10.7.0:C8 Corrected an issue that interrupted the NTP-time-sync between the Axis device and NTP-server when the NTP-server was operating instable and suffered fluctuating time-changes. 10.7.0:C9 Audio now uses the new audiodevicecontrol.cgi instead of the old API. This means that the gain values may be different in the GUI, but the actual audio level should be the same as before. 10.7.0:C10 Corrected an issue that prevented the Sound Intelligence Sound Detector ACAP to get an audio stream. 10.7.0:C11 Improved RTP timestamp accuracy for metadata streams. 10.7.0:C12 Corrected an issue that could cause an RTSP stream to stop after 60+ seconds if streamed to an openRTSP client. Corrections in 10.6.7 ================================================================================ 10.6.7:C1 Corrected an issue with MQTT subscriptions when reconnecting. 10.6.7:C2 General improvements in streaming management. 10.6.2:C1 General improvements in streaming management. 10.6.0:C1 Improved Motion Detection to handle scenes with extreme lighting changes , improving general behavior for applications that make use of this engine and data. 10.6.0:C2 Corrected an issue that did not account for MTU packet fragmentation for IEEE 802.1x authentication. Previously the Axis device was not able to authenticate properly against an 802.1x network when the MTU was configured to 1410 or lower. 10.6.0:C3 Corrected an issue that on some occasions could prevent export of a part of a recording. 10.6.0:C4 Corrected an issue that in combination with some VMSes and low resolution could cause brief disconnections in the video stream. 10.5.2:C1 Corrected an issue that on some occasions prevented an upgrade to firmware version 10.5.0. 10.5.2:C2 Corrected an issue that could cause O3C-based connections with the device to be interrupted. 10.5.0:C1 Increased the number of allowed characters for event condition name to 512. 10.5.0:C2 Corrected an issue that prevented the use of some special characters in ONVIF passwords. 10.5.0:C3 Corrected an issue that prevented the Axis device to respond with HTTP 403 Forbidden when the source-ip address was blocked when using PreventDOSAttack in Plain Config -> System. Previously HTTP 401 Unauthorized was returned. Known Bugs/Limitations ================================================================================ 10.4.0.1:L1 AXIS License Plate Verifer does not support corridor format 90/270 image rotation. 10.4.0.1:L2 Install-package.sh warning messages in the system log are just prints and not harmful. Supported AXIS VAPIX API Image Resolutions for P1455-LE-3 ================================================================================ Resolution Exceptions Capture mode ------------ ------------ -------------- 1920x1080 2) 3) 1280x960 2) 3) 1280x800 2) 3) 1280x720 2) 3) 1024x768 2) 3) 1024x640 2) 3) 800x600 2) 3) 800x500 2) 3) 800x450 2) 3) 640x480 2) 3) 640x400 2) 3) 640x360 2) 3) 480x360 2) 3) 480x300 2) 3) 480x270 2) 3) 320x240 2) 3) 320x200 2) 3) 320x180 2) 3) 240x180 2) 3) 160x120 2) 3) 160x100 2) 3) 160x90 2) 3) 768x576 1) 2) 3) 720x576 1) 2) 3) 704x576 1) 2) 3) 704x480 1) 2) 3) 704x288 1) 2) 3) 704x240 1) 2) 3) 384x288 1) 2) 3) 352x288 1) 2) 3) 352x240 1) 2) 3) 192x144 1) 2) 3) 176x144 1) 2) 3) 176x120 1) 2) 3) 80x50 1) 2) 1) Not visible in web user interface 2) 1920x1080 (16:9) @ 25/30 fps 3) 1920x1080 (16:9) @ 50/60 fps (no WDR)