FIRMWARE RELEASE NOTE ===================== Products affected: M2025-LE Release date: 2020-04-03 Release type: Production Firmware version: 9.70.1.5 Preceding release: 9.70.1 -------------------------------------------------------------------------------- Upgrade instructions ==================== Upgrade the firmware according to the instructions given at https://www.axis.com/ca/en/support/tecnical-notes/how-to-upgrade or howtoupgrade.txt, which is included in the firmware folder. Features in 9.70.1 ================================================================================ 9.70.1:F1 Added support for resolve domain name trap addresses in SNMP. 9.70.1:F2 SEI (Supplemental enhancement information) messages is since 9.60.1 included in recorded H.264 videos. 9.60.1:F1 Added possibility to select stream profile for continuous recordings. 9.60.1:F2 Added possibility to set image rotation in ONVIF media profiles. 9.60.1:F3 Added Geolocation API. See VAPIX documentation for more information. 9.60.1:F4 Added possibility to copy action rules, schedules and recipients. 9.60.1:F5 Updated Video Motion Detection to version 4.4.3. 9.60.1:F6 Added NTP synchronization status to VAPIX Time API. 9.50.1:F1 Added support for setting image frequency in action rules. 9.50.1:F2 Updated Apache to version 2.4.41 to increase overall minimum cyber security level. 9.50.1:F3 Updated OpenSSL to version 1.1.1d to increase overall minimum cyber security level. 9.50.1:F4 Updated Video Motion Detection to version 4.4.2. 9.50.1:F5 Added possibility to disable the web UI to increase overall minimum cyber security level. The web UI can be disabled under System -> PlainConfig -> System -> System WebInterface Disabled. To enable the web UI after it has been disabled, the VAPIX parameterSystem.WebInterfaceDisabled must be set to "no". 9.40.1:F1 Added support for search functionality in help files. 9.40.1:F2 Added support for systemready.cgi which will improve re-connection of the browser to the web-interface after e.g. powercyle or restart of the product. 9.40.1:F3 Added support for average bitrate control (ABR). 9.40.1:F4 Added support for automatic firmware rollback verfication. The user can chose to select this option prior to performing an firmware upgrade. When chosen, the product will perform the upgrade and then wait a pre-defined time for the user to acknowledge the upgrade in the web-interface. If not acknowledged in time,the product will rollback to its previous firmware. 9.40.1:F5 Added support for the possibility to configure a secondary NTP server in web- interface under Settings -> System -> Date & Time or via VAPIX Time API. 9.40.1:F6 Removed the root users default password in factory defaulted firmware. The password of the root user must be set first in order to initialize VAPIX and ONVIF interfaces to allow further configuration. This change only affects products in its factory defaulted state, products that are already deployed in production systems are not affected by this update until factory defaulted. For more information please see https://www.axis.com/support/faq/FAQ116429. 9.40.1:F7 Added support for uploading custom firmware certificates in the web- interface under Settings -> System -> Security in order to allow the Axis product to accept AXIS developer firmware during firmware upgrade. 9.40.1:F8 Added support for millisecond timestamps in JPEG header. 9.30.1:F1 Added an API for mDNS-SD. 9.30.1:F2 TLS1.0 and TLS1.1 is now disabled by default. 9.30.1:F3 Added support for source-specific multicast (SSM) via http://ip-address/axis- media/ssm/media.amp. The following parameters need to be configured prior to initiating a videostream via SSM: Network.RTP.R#.VideoAddressNetwork.RTP.R#.VideoPortNetwork.RTP.R#.AudioAdressNetwork.RTP.R#.AudioPort 9.30.1:F4 Added support for TLSv1.3. 9.30.1:F5 The classic GUI has been deprecated and is now removed to increase overall cyber security level. 9.30.1:F6 Upgraded Apache to version 2.4.39 to increase overall minimum cyber security level. 9.30.1:F7 Updated Video Motion Detection to version 4.3.5. 9.30.1:F8 It is now possible to upload .PFX formatted certificates with a total size of 102400 bytes. The previous limit was 1/10 of it. 9.30.1:F9 Added support for "Wait at least time x" before re-running an configured actionrule. 9.20.1:F1 Firmware is now signed by AXIS to increase overall minimum cyber security level. More information about Signed Firmware can be found here https://www.axis.com/support/faq/FAQ116424. 9.20.1:F2 Added support for dynamic power allocation via Link Layer Discovery Protocol(LLDP) in addition to PoE-class based power allocation. This allows the switch to allocate less power to the camera and potentially a greater number of PoE devices can be connected to the switch. LLDP can be enabled in Settings -> System -> PlainConfig -> Network -> LLDP POE-> LLDP Send Max PoE. 9.20.1:F3 Upgraded Apache to version 2.4.38 to increase overall minimum cyber security level. 9.20.1:F4 Updated Video Motion Detection to version 4.3.4. 9.20.1:F5 Added support for signed ACAP applications. 9.20.1:F6 Updated OpenSSL to version 1.1.1a to increase overall minimum cyber security level. 9.10.1:F1 The following legacy VAPIX parameter have been removed due to non- usage: Network.DHCP.FqdnNetwork.DHCP.IPCheckEnabledNetwork.DHCP.RetriesNetwork.DHCP.StoreIPAddresseth0Network.DHCP.StoreIPAddresseth1Network.DHCP.Timeout 9.10.1:F2 Updated Video Motion Detection to version 4.3.3. 9.10.1:F3 Upgraded Apache to version 2.4.37 to increase overall minimum cyber security level. 9.10.1:F4 Firwmare Recovery will also rollback the previous state of applications (ACAPs) now. Corrections in 9.70.1.5 ================================================================================ 9.70.1.5:C1 Improved system stability. Corrections in 9.70.1 ================================================================================ 9.70.1:C1 Improved video streaming robustness in unstable network environments. 9.70.1:C2 Corrected a streaming issue that caused the RTSP server to omit the RTP-info header on rare occasions. This correction was already included in 9.60 but was missed in the release notes. 9.70.1:C3 Improved cyber security by adding the possibility to disable Web-Service Discovery (WS-Discovery). 9.70.1:C4 Corrected an issue that caused the EAP-START package not to be sent during IEEE 802.1x port authentication upon network link state change. 9.70.1:C5 Corrected an issue that removed information about recipients in the server report. 9.70.1:C6 Corrected a streaming issue affecting RTSP tunneled via HTTPs. 9.70.1:C7 Corrected an issue with streaming H.264 using Axis T8705 with User Data enabled. 9.70.1:C8 Corrected an issue that caused configured view areas to change its size after an firmware upgrade has been performed. 9.70.1:C9 Corrected Vendor class identifier for DHCP negotiation. 9.60.1:C1 Corrected an issue that caused the HTTP recipient URL to be cropped. 9.60.1:C2 Corrected the following security vulnerabilities: CVE-2019-13377 CVE-2019-16275 9.50.1:C1 Improved Tampering Detection. 9.50.1:C2 Corrected an issue that could cause the web-interface to freeze upon action rule configuration with Fence Guard. 9.50.1:C3 Improved recording robustness in the event of temporary storage loss. 9.50.1:C4 Increased the limit of concurrent HTTP requests for I/O related VAPIX commands from 4 to 10. 9.50.1:C5 The deprecated parameter HTTPS.AllowSSLV3 has been removed completely now. 9.50.1:C6 Corrected an issue that on rare occasions caused the image to go grey when streaming JPEG. 9.40.1:C1 Removed a unecessary warning text for a user when setting up a action rule that requires a stream profile while it is actually already in place. 9.40.1:C2 Corrected an issue that made it possible to add a action rule recipient without nice-name via API. 9.30.1:C1 Corrected an issue that prevented the user from exporting recordings when the camera was configured to Alaska timezone. 9.30.1:C2 Corrected an issue that prevented the user to play recordings as a viewer. 9.30.1:C3 Extended the charater limits for query string suffix in action rules in order to allow for longer URLs. 9.20.1:C1 Corrected an issue that could cause the camera to get unresponsive when two clients are streaming over multicast using the same streaming parameters. 9.10.1:C1 Corrected an issues that could cause an incorrect error message when testing HTTP recipient. 9.10.1:C2 Increased the character limit for certificate IDs from 32 to 128 characters. 9.10.1:C3 Corrected an issue that caused RTSP client timeout to be delayed. 9.10.1:C4 Corrected an issue that caused an HTTP-recipient based action rule to fail when the response from the server excluded the textual phrase (Example: HTTP 200). This will work now. 9.10.1:C5 Corrected an issue that caused the temperature information delivered via SNMP OID to be corrupted. Known Bugs/Limitations ================================================================================ 9.70.1:L1 It is not possible to upgrade the product from 9.60 to any other release while having SOCKS proxy configured in the product. 9.40.1:L1 There might be event settings available that is not applicable to the product with the current setup. 9.30.1:L1 There might be features currently explained in the help files that may not be supported by the camera. 9.10.1:L1 It is recommended to perform firmware recovery to rollback the products firmware to a previous version. Downgrading the products firmware through the usual firmware upgrade process can cause configuration and ACAP loss. It is recommended to perform a factory default afterwards. Supported AXIS VAPIX API Image Resolutions for M2025-LE ================================================================================ Resolution Exceptions ========== ========== 1920x1080 1280x960 1280x800 1280x720 1024x768 1024x640 800x600 800x500 800x450 640x480 640x400 640x360 480x360 480x300 480x270 320x240 320x200 320x180 240x180 160x120 160x100 160x90 768x576 1) 720x576 1) 704x576 1) 704x480 1) 704x288 1) 704x240 1) 384x288 1) 352x288 1) 352x240 1) 192x144 1) 176x144 1) 176x120 1) 80x50 1) 1) Not visible in web user interface