FIRMWARE RELEASE NOTE
======================

Products affected: AXIS P3904-R and AXIS P3905-R/-RE

Release date:      2024-05-22

Release type:      Production

Firmware version:  6.50.5.18

Preceding release: 6.50.5.17

--------------------------------------------------------------------------------

Upgrade instructions
====================

Upgrade the firmware according to the instructions given at
https://www.axis.com/ca/en/support/technical-notes/how-to-upgrade 
or howtoupgrade.txt, which is included in the firmware folder.

NOTE
====================

For latest information about Axis Cybersecurity, see
https://www.axis.com/se/sv/support/product-security.


Corrections in 6.50.5.18 since 6.50.5.17
=========================================

6.50.5.18:C01
General improvements to the platform.

6.50.5.18:C02
Addressed CVE-2024-0066. For more information, please visit the Axis vulnerability
management portal.

6.50.5.18:C03
Updated cURL to version 8.7.1 to increase overall cybersecurity level.

6.50.5.18:C04
Updated OpenSSH to version 9.6p1 to increase overall cybersecurity level.


Corrections in 6.50.5.17 since 6.50.5.16
=========================================

6.50.5.17:C01
General improvements to the platform.

6.50.5.17:C02
Updated curl to version 8.6.0 to increase overall cybersecurity level.

6.50.5.17:C03
Updated OpenSSL to version 1.1.1x to increase overall cybersecurity level.


Corrections in 6.50.5.16 since 6.50.5.15
=========================================

6.50.5.16:C01
General improvements to the platform.

6.50.5.16:C02
Updated Apache to version 2.4.58 to increase the overall cybersecurity level.

6.50.5.16:C03
Netd Service now preserves the static resolver configuration even after a soft restore,
safeguarding static DNS/Search domain settings.

6.50.5.16:C04
Addressed CVE-2024-0054. For more information, please visit the Axis vulnerability
management portal.


Corrections in 6.50.5.15 since 6.50.5.14
=========================================

6.50.5.15:C01
General improvements to the platform.

6.50.5.15:C02
Updated curl to version 8.4.0 to increase overall cybersecurity level.

6.50.5.15:C03
Corrected CVE-2023-21418. For more information, please visit the Axis vulnerability
management portal.


Corrections in 6.50.5.14 since 6.50.5.13
=========================================

6.50.5.14:C01
General improvements to the platform.

6.50.5.14:C02
Updated OpenSSL to version 1.1.1w to increase overall cybersecurity level.

6.50.5.14:C03
Updated CURL to version 8.3.0 to increase overall cybersecurity level.

6.50.5.14:C04
Corrected CVE-2023-21415. For more information, please visit the Axis vulnerability
management portal.


Corrections in 6.50.5.13 since 6.50.5.12
=========================================

6.50.5.13:C01
General improvements to the platform.

6.50.5.13:C02
Resolved an issue where the respawn daemon incorrectly managed restarts for ACAP services,
notably in situations with multiple acaps running simultaneously.

6.50.5.13:C03
Updated OpenSSL to version 1.1.1v to increase the overall cybersecurity level.

6.50.5.13:C04
Updated CURL to version 8.2.0 to increase overall cybersecurity level.


Corrections in 6.50.5.12 since 6.50.5.11
=========================================

6.50.5.12:C01
General improvements to the platform.

6.50.5.12:C02
Added proxy configuration support to the Owner Authentication Key (OAK) cgi using group
root.RemoteService, simplifying setup on networks requiring proxy servers for Internet
access and improving the authentication process.

6.50.5.12:C03
Updated OpenSSL to version 1.1.1u to increase the overall cybersecurity level.

6.50.5.12:C04
Updated Apache to version 2.4.57 to increase overall cybersecurity level.


Corrections in 6.50.5.11 since 6.50.5.10
=========================================

6.50.5.11:C01
General improvements to the platform.

6.50.5.11:C02
Updated curl to version 8.0.1 to increase overall cybersecurity level.

6.50.5.11:C03
Updated Apache to version 2.4.56 to increase overall cybersecurity level.

6.50.5.11:C04
Added support for a second client certificate.


Corrections in 6.50.5.10 since 6.50.5.9
========================================

6.50.5.10:C01
General improvements to the platform.

6.50.5.10:C02
Updated Apache to version 2.4.55 to increase overall cybersecurity level.

6.50.5.10:C03
Corrected an issue affecting some O3C clients, that caused internal authentication
requests to fail after a few days of uptime.

6.50.5.10:C04
Updated OpenSSL to version 1.1.1t to increase the overall cybersecurity level.

6.50.5.10:C05
Updated curl to version 7.88.1 to increase overall cybersecurity level.


Corrections in 6.50.5.9 since 6.50.5.8
=======================================

6.50.5.9:C01
General improvements to the platform.

6.50.5.9:C02
Updated Apache to version 2.4.55 to increase overall cybersecurity level.

6.50.5.9:C03
Updated OpenSSL to version 1.1.1t to increase the overall cybersecurity level.

6.50.5.9:C04
Updated curl to version 7.88.1 to increase overall cybersecurity level.

6.50.5.9:C05
Corrected an issue affecting some O3C clients, that caused internal authentication
requests to fail after a few days of uptime.


Corrections in 6.50.5.8 since 6.50.5.7
=======================================

6.50.5.8:C01
General improvements to the platform.

6.50.5.8:C02
Disabled secure redirects from other network hosts net.ipv4.conf.all.secure_redirects &
net.ipv4.conf.default.secure_redirects to increase overall minimum cybersecurity level.


Corrections in 6.50.5.7 since 6.50.5.6
=======================================

6.50.5.7:C01
General improvements to the LTS-2016 platform.

6.50.5.7:C02
Updated OpenSSL to version 1.1.1s to increase the overall cybersecurity level.

6.50.5.7:C03
Updated curl to version 7.86.0 to increase overall cybersecurity level.

6.50.5.7:C04
Updated Apache to version 2.4.54 to increase overall cybersecurity level.

6.50.5.7:C05
Corrected an issue that caused Audio via external VMS to stop working.

6.50.5.7:C06
Corrected CVE-2018-25032.

6.50.5.7:C07
Corrected an issue that caused a wrong file size to be reported for recordings larger than
50MB when using FTP.

6.50.5.7:C08
Corrected an issue where 802.1X would not trust the intermediate certificate authority
(CA).


Corrections in 6.50.5.6 since 6.50.5.5
=======================================

6.50.5.6:C01
General improvements to the LTS-2016 platform.

6.50.5.6:C02
Updated wpa-supplicant to version 2.10 to increase overall minimum cybersecurity level.

6.50.5.6:C03
Receiving ICMP redirects from other network hosts are now disabled to increase overall
minimum cybersecurity level.

6.50.5.6:C04
Corrected an issue with uploading RSA certificate with PKCS#8 formatted private keys.

6.50.5.6:C05
Corrected an issue that caused the Send images event to stop uploading towards a FTP
server when the filename included a space (" ").

6.50.5.6:C06
Improved handling of empty recordings.

6.50.5.6:C07
Corrected CVE-2019-15916.

6.50.5.6:C08
Upgraded cURL to version 7.79.1 to increase overall cybersecurity level.

6.50.5.6:C09
Corrected CVE-2020-13848.

6.50.5.6:C10
Corrected CVE-2021-29462.

6.50.5.6:C11
Corrected an issue that caused ONVIF AbsoluteMove commands to return a 500 Internal Server
Error.

6.50.5.6:C12
Updated OpenSSL to version 1.1.1o to increase the overall minimum cybersecurity level.

6.50.5.6:C13
Upgraded Apache to version 2.4.53 to increase overall cybersecurity level.

6.50.5.6:C14
Fixed file permission when using disk encryption.


Corrections in 6.50.5.5 since 6.50.5.4
=======================================

6.50.5.5:C01
General improvements to the LTS-2016 platform.

6.50.5.5:C02
Corrected CVE-2021-31986.

6.50.5.5:C03
Corrected CVE-2021-31988.

6.50.5.5:C04
Updated OpenSSL to version 1.1.1l to increase overall minimum cybersecurity level.

6.50.5.5:C05
Corrected CVE-2021-31987.

6.50.5.5:C06
Updated OpenSSH to version 8.6p1 to increase the overall minimum cybersecurity level.

6.50.5.5:C07
Updated curl to version 7.78.0 to increase overall cybersecurity level.

6.50.5.5:C08
Corrected CVE-2019-12450.

6.50.5.5:C09
Extended the 802.1x EAP-Identity field character limit from 32 to 128 characters.

6.50.5.5:C10
Updated Apache to version 2.4.48 to increase overall cybersecurity level.

6.50.5.5:C11
Corrected CVE-2021-27218.

6.50.5.5:C12
Corrected CVE-2021-27219


Corrections in 6.50.5.4 since 6.50.5.3
=======================================

6.50.5.4:C01
General improvements to the LTS-2016 platform.

6.50.5.4:C02
Corrected an issue that caused the value of Quality of Service (QoS) to not be respected
in always multicast mode.

6.50.5.4:C03
Updated OpenSSL to version 1.1.1k to fix CVE-2021-3449 and CVE-2021-3450.

6.50.5.4:C04
Added support for health monitoring using Axis Micron SD card.


Corrections in 6.50.5.3 since 6.50.5.2
=======================================

6.50.5.3:C01
General improvements to the LTS-2016 platform.

6.50.5.3:C02
Updated Apache to version 2.4.46 to increase overall cyber security level.

6.50.5.3:C03
Corrected an issue that caused test button in the webGUI to not work when mounting Network
Attached Storage (NAS) configured with SMB v3.

6.50.5.3:C04
Added a sensitivity parameter to the PlainConfig for Tampering Detection that can now be
adjusted by the user.


Corrections in 6.50.5.2 since 6.50.5.1
=======================================

6.50.5.2:C01
General improvements to the LTS 2016 platform.

6.50.5.2:C02
Update libssh2 to version 1.9.0 to increase overall cybersecurity. This update includes
correction for CVE-2019-13115.

6.50.5.2:C03
Corrected an issue that caused old recordings to not be removed after their retention
period was expired.

6.50.5.2:C04
Added possibility to retrieve the device Owner Authentication Key (OAK) in the web GUI.
Note that this functionality requires that the product have direct access to the internet.

6.50.5.2:C05
Disabled the HTTP Options method in the Apache webserver replies to increase overall cyber
security level.

6.50.5.2:C06
Updated OpenSSL to version 1.1.1g to increase overall cybersecurity level.

6.50.5.2:C07
Updated Apache to version 2.4.43 to increase overall cybersecurity level.

6.50.5.2:C08
Corrected a streaming issue to handle timestamps correctly after a RTSP:PAUSE/RESUME
event. This could cause gaps in recordings when using Axis Media Control (AMC).

6.50.5.2:C09
Updated curl to 7.69.1 to increase overall cybersecurity level.


Corrections in 6.50.5.1 since 6.50.5
=====================================

6.50.5.1:C01
General improvements to the 2016 LTS platform.

6.50.5.1:C02
Corrections for the security vulnerability CVE-2019-16275 in wpa_supplicant/hostapd.

6.50.5.1:C03
Corrected an issue that prevented video clips to be sent from action rules using HTTPS or
Email recipients.

6.50.5.1:C04
Corrected an issue that caused the database used to store DHCP adresses to be corrupted
during a power cut.

6.50.5.1:C05
Added ProxyDispatcherOnly option to the O3C/AVHS client that can control proxy
configurations of dispatcher services.


Corrections in 6.50.5 since 6.50.4.2
=====================================

6.50.5:C01
General improvements to the 2016 LTS platform.

6.50.5:C02
Updated libcurl to version 7.68 to increase overall cyber security.

6.50.5:C03
Corrected a streaming issue that caused the RTSP server to omit the RTP-info header on
rare occasions.

6.50.5:C04
Updated OpenSSH to version 7.9p to increase overall cyber security.

6.50.5:C05
Corrected an issue that caused the test recipient button in the Web GUI to not work
properly when setting up an event mail recipient.

6.50.5:C06
Updated OpenSSL to version 1.1.1d to increase overall cyber security.

6.50.5:C07
Added support for resolve domain name trap addresses in SNMP.

6.50.5:C08
Corrected a streaming issue affecting RTSP tunneled via HTTPs.

6.50.5:C09
Updated wpa-supplicant to version 2.9 to increase overall cyber-security.
The following
security vulnerabilites are included:
CVE-2019-13377
CVE-2019-16275.


Corrections in 6.50.4.2 since 6.50.4.1
=======================================

6.50.4.2:C01
Corrected an issue that prevented the user to set the time and date manually in the
WebGUI.


Corrections in 6.50.4.1 since 6.50.4
=====================================

6.50.4.1:C01
General minor improvements to the 2016 LTS platform.

6.50.4.1:C02
Updated OpenSSL to version 1.0.2t to increase overall minimum cyber security level.

6.50.4.1:C03
Updated Apache to version 2.4.41 to increase overall minimum cyber security level.

6.50.4.1:C04
Updated time zones in date/time settings in web-GUI.

6.50.4.1:C05
Corrected an issue that caused param.cgi to show password in plain text when listing a
specified ACAP parameter.

6.50.4.1:C06
Added support for health status from Western Digital SD-cards.

6.50.4.1:C07
Corrected an issue that caused a reboot of the camera to start an ACAP even though
STARTMODE=never was set in its configuration.

6.50.4.1:C08
Correct an issue that could disconnect the camera from network share drive when CIFS (SMB)
2.x or higher is enable.


Corrections in 6.50.4 since 6.50.3.1
=====================================

6.50.4:C01
General minor improvements to the 6.50 LTS platform.

6.50.4:C02
Increased the limit of concurrent HTTP requests for I/O related VAPIX commands from 4 to
10.

6.50.4:C03
Removed the root users default password in factory defaulted firmware. The password of the
root user must be set first in order to initialize VAPIX and ONVIF interfaces to allow
further configuration. This change only affects products in its factory defaulted state,
products that are already deployed in production systems are not affected by this update
until factory defaulted.

6.50.4:C04
Corrected an issue that prevented the insertion of triggered data in SEI messages when
streaming H.264.

6.50.4:C05
Updated OpenSSL to version 1.0.2s to increase overall minimum cyber security level.

6.50.4:C06
Updated libssh2 to version 1.8.2 due to that version 1.8.1 broke publickey-userauth
requests.

6.50.4:C07
Updated Mozilla ca-certificates to versions available at 20190122.

6.50.4:C08
Corrected security vulnerability in Systemd CVE-2019-6454 to increase overall minimum
cyber security level.


Corrections in 6.50.3.1 since 6.50.3
=====================================

6.50.3.1:C01
General minor improvements to the 6.50 LTS platform.

6.50.3.1:C02
Improved robustness of the O3C client.

6.50.3.1:C03
Updated Apache to version 2.4.39 to increase overall minimum cyber security level.

6.50.3.1:C04
Updated to OpenSSL version 1.0.2r to increase overall minimum cyber security level.

6.50.3.1:C05
Patched the following security vulnerabilities to increase overall minimum cyber security
level: CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3858, CVE-2019-3859,
CVE-2019-3860, CVE-2019-3861, CVE-2019-3862, CVE-2019-3863.

6.50.3.1:C06
Corrected the following vulnerabilities in order to increase overall minimum cyber
security level: CVE-2018-16865, CVE-2018-16866.

6.50.3.1:C07
Corrected an issue that prevented the user from uploading a certificate that contains
“Bag Attributes” before and after the actual certificate content.

6.50.3.1:C08
Corrected an issue that caused event notifications not been triggered on storage
disruption.

6.50.3.1:C09
Corrected an issue with HTTP response which prevented the camera from streaming on rare
occasions.

6.50.3.1:C10
Corrected an issues that could cause an incorrect error message when testing HTTP
recipient.

6.50.3.1:C11
Patched security vulernability CVE-2018-17182 to increase overall minimum cyber security
level.

6.50.3.1:C12
Adjusted re-connection behavior of interrupted AVHS connections on AVHS-server side. The
time between failed connection attempts will now gradually increase until a hard limit is
reached.

6.50.3.1:C13
Patched the security vulnerability CVE-2017-16544 in BusyBox to increase overall minimum
cyber security level.

6.50.3.1:C14
Corrected an issue in the ACAP framework that could cause ACAPs to freeze on rare
occasions.

6.50.3.1:C15
Corrected an issue that could cause corrupted video recordings when UserData or
TriggerData are enabled.


Corrections in 6.50.3 since 6.50.2.3
=====================================

6.50.3:C01
General minor improvements to the 6.50 LTS platform.

6.50.3:C02
Corrected an issue that could cause incorrect snapshot resolutions on view areas.

6.50.3:C03
Corrected an issue with the Axis event handling interface when deactivating events.

6.50.3:C04
Updated apache webserver to version 2.4.33 to increase overall minimum cyber security
level.

6.50.3:C05
Corrected an issue with incorrect handling of ACAPs after camera boot.

6.50.3:C06
Added Perfect Forward Secrecy ciphers (DHE-RSA) to the ciphers selection.

6.50.3:C07
Patched security vulernability CVE-2018-14526 to increase overall minimum cyber security
level.

6.50.3:C08
Updated OpenSSL to version 1.0.2o to increase overall minimum cyber security level.

6.50.3:C09
Added selection boxes for disabling TLSv1.0 and TLSv1.1 in Settings -> System ->
PlainConfig -> HTTPS to enforce the highest possible HTTPS negotiation client handshake
via TLSv1.2.

6.50.3:C10
Corrected an issue causing CIFS networkshare to become read only on mount on rare
occasions.

6.50.3:C11
Added a Storage Stability Helper service for better handling of Network Shares.

6.50.3:C12
Updated Video Motion Detection to version 4.2.3.


Corrections in 6.50.2.3 since 6.50.2.2
======================================

6.50.2.3:C01
General minor improvements to the 6.50 LTS platform.

6.50.2.3:C02
Corrected an issue that let a user modify capture mode without performing the required
restart during the initial set up of the camera.

6.50.2.3:C03
Corrected an issue that caused black images on rare occasions when high loads of Events
are sent to the camera.

6.50.2.3:C04
Support for zoom-tracking in Recorded Guard Tour. Previously only pan/tilt movements were
recorded.

6.50.2.3:C05
Corrected an issue that caused problems when testing multiple Email recipients.

6.50.2.3:C06
Corrected an issue in the trigger data that set Video loss to "Disconnected" as default
initial state even when the camera is initially connected.

6.50.2.3:C07
Corrected an issue that could cause e-mail recipients to not be formatted correctly.

6.50.2.3:C08
Corrected an issue that could cause synchronization to AVHS to fail.

6.50.2.3:C09
Corrected an issue that caused the camera to become unresponsive on rare occasions when
connected to an AVHS system.

6.50.2.3:C10
Updated AXIS Video Motion Detection to version 4.2.

6.50.2.3:C11
Updated AXIS Media Control (AMC) version to 7.3.10.1.

6.50.2.3:C12
Corrected critical vulnerability ACV-128401.

6.50.2.3:C13
Corrected an issue that prevented the user to add the camera to Genetec when HTTPS was
used.

6.50.2.3:C14
Adds PID/program name to network connection list in the Server Report.

6.50.2.3:C15
Corrected an issue that let the AXIS Camera Station failover recording not start instantly
on rare occasions.

6.50.2.3:C16
Corrected an issue that caused the camera to stop streaming on rare occasions.


Corrections in 6.50.2.2 since 6.50.2.1
======================================

6.50.2.2:C01
Corrected an issue that let the AXIS Camera Station failover recording not start instantly
in rare occasions.

6.50.2.2:C02
The Apache webserver has been updated to version 2.4.29 to increase overall minimum
cybersecurity standards.

6.50.2.2:C03
Updated AXIS Video Motion Detection to version 4.1.8.

6.50.2.2:C04
Corrected an issue that prevented the user from login via SSH to the camera after updating
to 6.50.2.

6.50.2.2:C05
- Affects AXIS Q6128-E and AXIS P1428-E only -
Improved the handling of prioritized
overlays.

6.50.2.2:C06
- Affects AXIS Q6000-E only -
Corrected an issue that let the remote vapix client to
become unresponsive after a power loss.

6.50.2.2:C07
- Affects AXIS F-series products only -
Corrected an issue causing the camera images to
flash during the synchronization of multiple sensors under bright light or direct
sunlight.

6.50.2.2:C08
- Affects AXIS P1427-LE only -
Corrected an issue that let the camera showing over-exposed
images in rare occasions.

6.50.2.2:C09
Updated R2 GlobalSign Root Certificate to version 20170717. Required to enable Email
recipients using 'Validate server certificate'.

6.50.2.2:C10
Added support for certificates with expiration dates beyond year 2038.


Corrections in 6.50.2.1 since 6.50.2
====================================

6.50.2.1:C01
Corrected an issue that made it impossible to play recordings from the camera in Genetec
via ONVIF Profile G.

6.50.2.1:C02
Support for HTTP keep-alive connections via ONVIF. lowers the risk for security focused
network infrastructure or unstable networks to block or drop PTZ control commands.

6.50.2.1:C03
- Affects PTZ products only - 
Corrected an issue that let the PTZ control queue ignore an
an anonymous viewer account and deny PTZ control.

6.50.2.1:C04
Improved camera upgrade stability when configuration files become corrupt in rare
occasions.

6.50.2.1:C05
Improved user notification when creating a E-mail recipient that contains wrong domain
information.

6.50.2.1:C06
Corrected an issue that removed an unnecessary warning which was printed in the system log
when a user creates an action rule sending HTTP notification with custom parameter.

6.50.2.1:C07
Product has passed IPv6 compliance.

6.50.2.1:C08
Corrected an issue that displayed system-only users as well under System Options ->
Support -> System Overview.

6.50.2.1:C09
Improved stability when sending VAPIX commands through actionengined.

6.50.2.1:C10
Corrected an issue that caused a wrong time on the camera when Turkey timezone was
configured and Daylight Saving Time was enabled.

6.50.2.1:C11
- Affects Q1765-LE PT Mount only - 
Support for 90/270 degrees rotation.

6.50.2.1:C12
- Affects P12-Mkii Only- 
Correcting an image issue when using sensor head FA1105.

6.50.2.1:C13
- Affects PTZ products only - 
Corrected an issue that caused guard tours to stop running
in rare occasions.

6.50.2.1:C14
- Affects PTZ products only - 
Corrected an issue that could cause a crash in PTZ ACAPs in
rare occasions.

6.50.2.1:C15
- Affects PTZ products only - 
Corrected an issue that caused ACAPs that utilize the PTZ
API to stop working in rare occasions.

6.50.2.1:C16
Improved camera stability when using liblicensekey.

6.50.2.1:C17
- Affects AXIS P1364 AXIS P1365 Mk II AXIS Q1635 - 
Support for T99Axx via APTP uploadable
PTZ drivers.


Corrections in 6.50.2 since 6.50.1 
====================================

6.50.2 release includes all corrections in 6.50.1.x releases as below.

====================================



Corrections in 6.50.1.3 since 6.50.1.2
======================================

6.50.1.3:C01
Corrected a bug that resulted in 503 Service Unavailable when trying to play a
recording from a camera with a specific time range via ONVIF.

6.50.1.3:C02
Corrected a bug that added an additional / in the absolute upload path of an
SFTP Recipient when saving the action rule causing it to not work correctly.

6.50.1.3:C03
Corrected a bug that prevented the user from seeing the ACAP running status and
re-added the Main Page link to open a ACAP in the web-interface under Setup ->
Applications.

6.50.1.3:C04
Corrected a bug that let the camera send corrupted XML data packages within a
stream which caused a VMS to not record video motion detection coming
from the camera.

6.50.1.3:C05
The license expiration date of an installed ACAP is now shown correctly again
when running http://ip-address/axis-cgi/applications/list.cgi.

6.50.1.3:C06
The correct IPv6 router IP-addresses are now shown correctly in the network
interface of the web-interface and in ONVIF responses.

6.50.1.3:C07
Adjusted the system log messages for the NTP daemon to be more specific and
highlight that there is a time drift instead of an "adjustment".

6.50.1.3:C08
Corrected an issue that delivered E-Mails send from the camera with a wrong time
zone in the e-mail header.

6.50.1.3:C09
Corrected an issue that delivered E-Mails send from the camera with a wrong time
stamp in the e-mail header.

6.50.1.3:C10
Corrected an issue with FTP recipients configured with a DNS name instead of a
static IP-address which caused the FTP recipient test or action rule to fail.

6.50.1.3:C11
Upgrade SSL negotiation in the AVHS client to SSLv23 instead of the deprecated TLSv1.

6.50.1.3:C12
Improved connection handling with Honeywell applications.

6.50.1.3:C13
Updated Apache web server to version 2.4.27 to improve overall minimum cyber
security standards.

6.50.1.3:C14
The triple DES cipher is not selected as DEFAULT in the HTTPS settings to
increase overall cyber security level.

6.50.1.3:C15
OpenSSL has been updated to version 1.0.2k to increase overall minimum cyber
security level.

6.50.1.3:C16
Improved certificate handling. Certificates were previously not usable anymore
when updating straight from FW 5.40 to 6.50.

6.50.1.3:C17
Corrected an issue that changed the IDs of certificates to numbers instead of
keeping the original name.

6.50.1.3:C18
Updated the Portable UPnP SDK to 1.6.22 to increase the overall cyber security
level.

6.50.1.3:C19
Corrected critical vulnerability ACV-120444.

6.50.1.3:C20
Corrected security vulnerability CVE-2016-2147.

6.50.1.3:C21
Corrected security vulnerability CVE-2016-2148.




Corrections in 6.50.1.2 since 6.50.1.1
======================================

6.50.1.2:C01
Fixed a bug that prevented a ONVIF client to connect to the camera via digest
authentication.

6.50.1.2:C02
Fixed critical vulnerability ACV-116267.




Corrections in 6.50.1.1 since 6.50.1
====================================

6.50.1.1:C01
Improved stability for TCP notifications.

6.50.1.1:C02
Improved HTTP image upload stability in unstable networks.

6.50.1.1:C03
Improved camera stability when metadata is used.

6.50.1.1:C04
Optimized privacy mask positioning.

6.50.1.1:C05
Corrected Turkey/Istanbul timezone from GMT+2 to GMT+3.

6.50.1.1:C06
Improved camera stability when TriggerData is used.

6.50.1.1:C07
Improved loading of the web interface in unstable networks.

6.50.1.1:C08
Support for recordings with G711 µ-law audio encoding.

6.50.1.1:C09
Corrected a bug that prevented from saving an action rule with a mail recipient
that had SSL enabled.

6.50.1.1:C10
PTZ presetposall returns correct preset name.

6.50.1.1:C11
Fixed a bug that let HTTP notification action rules stop retrying from
contacting the receiving server after a failed attempt.

6.50.1.1:C12
Corrected a bug in the event system that prevented the camera from re-sending
the SMTP notification every 10 seconds in case the receiving server reported an
error.

6.50.1.1:C13
Added support to adjust the temporal noise filter.


Known Bugs/Limitations
======================

6.50.4.1:L1
It's recommended to factory default the unit before making a downgrade if
needed.

6.50.4.1:L2
Recording streams to SD card with a total bit rate above 12Mbit/sec may cause
missing frames/sequences.

6.50.4.1:L3
When changing an active https-certificate, the product needs to be restarted for
the new certificate to be applied.


Supported AXIS VAPIX API Image Resolutions for AXIS P3904-R and AXIS P3905-R/-RE
================================================================================

Resolution  Exceptions
==========  ==========

1920x1080   3)
1280x960    3)
1280x800    3)
1280x720
1024x768
1024x640
800x600
800x500
800x450
640x480
640x400
640x360
480x360
480x300
480x270
320x240
320x200
320x180
240x180
176x144
160x120
160x100
160x90

1400x1050   1) 3)
1440x900    1) 3)
768x576     1)
720x576     1)
704x576     1)
704x480     1)
704x288     1)
704x240     1)
384x288     1)
352x288     1)
352x240     1)
240x135     1)
192x144     1)
176x120     1)
80x50       1)

1) Not visible in web user interface
3) 1080p 1920x1080 (16:9)