FIRMWARE RELEASE NOTE ===================== Products affected: AXIS A8004-VE Release date: 2021-01-13 Release type: Production Firmware version: 1.65.5 Preceding release: 1.65.4.2 -------------------------------------------------------------------------------- Upgrade instructions ==================== Upgrade the firmware according to the instructions given in howtoupgrade.txt, which is included in the firmware folder or according to instructions at https://www.axis.com/support/firmware. Corrections in 1.65.5 since 1.65.4.2 ================================= 1.65.5:C1 Corrected an issue that caused old recordings to not be removed after their retention period was expired. 1.65.5:C2 Update libssh2 to version 1.9.0 to increase overall cybersecurity. This update includes correction for CVE-2019-13115. 1.65.5:C3 Added possibility to retrieve the device Owner Authentication Key (OAK) in the web GUI. Note that this functionality requires that the product have direct access to the internet. 1.65.5:C4 Updated OpenSSL to version 1.1.1g to increase overall cybersecurity level. 1.65.5:C5 Updated curl to 7.69.1 to increase overall cybersecurity level. 1.65.5:C6 Updated Apache to version 2.4.43 to increase overall cybersecurity level. 1.65.5:C7 Corrected a streaming issue to handle timestamps correctly after a RTSP:PAUSE/RESUME event. This could cause gaps in recordings when using Axis Media Control (AMC). 1.65.5:C8 Disabled the HTTP Options method in the Apache webserver replies to increase overall cyber security level . 1.65.5:C9 Corrected an issue that prevented video clips to be sent from action rules using HTTPS or Email recipients. 1.65.5:C10 Corrections for the security vulnerability CVE-2019-16275 in wpa_supplicant/hostapd. 1.65.5:C11 Added ProxyDispatcherOnly option to the O3C/AVHS client that can control proxy configurations of dispatcher services. 1.65.5:C12 Corrected an issue that caused the database used to store DHCP adresses to be corrupted during a power cut. 1.65.5:C13 Corrected a streaming issue that caused the RTSP server to omit the RTP-info header on rare occasions. 1.65.5:C14 Updated libcurl to version 7.68 to increase overall cyber security. 1.65.5:C15 Added support for resolve domain name trap addresses in SNMP. 1.65.5:C16 Corrected an issue that caused the test recipient button in the Web GUI to not work properly when setting up an event mail recipient. 1.65.5:C17 Updated OpenSSH to version 7.9p to increase overall cyber security. 1.65.5:C18 Corrected a streaming issue affecting RTSP tunneled via HTTPs. 1.65.5:C19 Corrected an issue that prevented the user to set the time and date manually in the WebGUI. 1.65.5:C20 Updated pjsip to version 2.10 to increase overall cyber security. Known Bugs/Limitations ====================== 1.65.5:L1 Due to the updating of OpenSSL to version 1.1.1g to increase overall cybersecurity level. AXIS QR scanner application version 1.9-10 or older used with AXIS Visitor Access will no longer be supported and needs to upgrade to the latest version. Latest available version can be found here: https://www.axis.com/products/axis-visitor-access 1.65.5:L2 It's recommended to factory default the unit before making a downgrade if needed. 1.65.5:L3 When using mp3 files with other samplerates than the native 16kHz performance might suffer and delays be introduced. 1.65.5:L4 As action rules holds copies of recipient information independentally of the Recipient configuration, it is possible to call a SIP recipient using an action rule despite the recipient is removed in the Recipent configuration. To prevent this, one must remove the recipient from the action rule too. 1.65.5:L5 It is not possible to send both RFC2388 and RFC2976 DTMFs through Asterisk at the same time. This limitation can be avoided by using one of RFC 2388 or RFC 2976. It can also be avoided by using Asterisk to transcode into RFC 2976. 1.65.5:L6 Denied access does not show in access log (System Options>Support>Logs and Reports>Access Log) 1.65.5:L7 When the device is facing up or down, tilt tampering detection fuctionality does not work optimally and may generate to events oftern even though the device is not moved or tilted. (The gravity does not effect the two axis normally used for the tilt detection making it sensitive to noise) NOTE ======================== For latest information about Axis Cybersecurity, see: https://www.axis.com/support/product-security Supported AXIS VAPIX API Image Resolutions for AXIS A8004 ================================================================================ Resolution Exceptions ========== ========== 1280x960 1280x720 1024x768 1024x640 800x600 800x500 800x450 640x480 640x400 640x360 480x360 480x300 480x270 320x240 320x200 320x180 240x180 176x144 160x120 160x100 160x90 1400x1050 1) 768x576 1) 720x576 1) 704x576 1) 704x480 1) 704x288 1) 704x240 1) 384x288 1) 352x288 1) 352x240 1) 240x135 1) 192x144 1) 176x120 1) 80x50 1) 1) Not visible in web user interface