FIRMWARE RELEASE NOTE ===================== Products affected: COMPANION CUBE LW Release date: 2019-12-20 Release type: Production Firmware version: 9.60.1 Preceding release: 9.50.1 -------------------------------------------------------------------------------- Upgrade instructions ==================== Upgrade the firmware according to the instructions given at https://www.axis.com/ca/en/support/tecnical-notes/how-to-upgrade or howtoupgrade.txt, which is included in the firmware folder. New features in 9.60.1 ================================================================================ 9.60.1:F1 Added possibility to select stream profile for continuous recordings. 9.60.1:F2 Added possibility to set image rotation in ONVIF media profiles. 9.60.1:F3 Added Geolocation API. See VAPIX documentation for more information. 9.60.1:F4 Added possibility to copy action rules, schedules and recipients. 9.60.1:F5 Updated Video Motion Detection to version 4.4.3. 9.60.1:F6 Added NTP synchronization status to VAPIX Time API. Features in 9.50.1 ================================================================================ 9.50.1:F1 Added support for setting image frequency in action rules. 9.50.1:F2 Updated Apache to version 2.4.41 to increase overall minimum cyber security level. 9.50.1:F3 Updated OpenSSL to version 1.1.1d to increase overall minimum cyber security level. 9.50.1:F4 Updated Video Motion Detection to version 4.4.2. 9.50.1:F5 Added possibility to disable the web UI to increase overall minimum cyber security level.The web UI can be disabled under System -> PlainConfig -> System -> System WebInterface Disabled. To enable the web UI after it has been disabled, the VAPIX parameterSystem.WebInterfaceDisabled must be set to "no". 9.40.1:F1 Added support for search functionality in help files. 9.40.1:F2 Added support for systemready.cgi which will improve re-connection of the browser to the web-interface after e.g. powercyle or restart of the product. 9.40.1:F3 Added support for automatic firmware rollback verfication. The user can chose to select this option prior to performing an firmware upgrade. When chosen, the product will perform the upgrade and then wait a pre-defined time for the user to acknowledge the upgrade in the web-interface. If not acknowledged in time,the product will rollback to its previous firmware. 9.40.1:F4 Added support for the possibility to configure a secondary NTP server in web- interface under Settings -> System -> Date & Time or via VAPIX Time API. 9.40.1:F5 Removed the root users default password in factory defaulted firmware. The password of the root user must be set first in order to initialize VAPIX and ONVIF interfaces to allow further configuration. This change only affects products in its factory defaulted state, products that are already deployed in production systems are not affected by this update until factory defaulted. For more information please see https://www.axis.com/support/faq/FAQ116429. 9.40.1:F6 Added support for uploading custom firmware certificates in the web- interface under Settings -> System -> Security in order to allow the Axis product to accept AXIS developer firmware during firmware upgrade. 9.40.1:F7 Added support for millisecond timestamps in JPEG header. 9.30.1:F1 TLS1.0 and TLS1.1 is now disabled by default. 9.30.1:F2 Added support for TLSv1.3. 9.30.1:F3 Upgraded Apache to version 2.4.39 to increase overall minimum cyber security level. 9.30.1:F4 Updated Video Motion Detection to version 4.3.5. 9.30.1:F5 It is now possible to upload .PFX formatted certificates with a total size of 102400 bytes. The previous limit was 1/10 of it. 9.30.1:F6 Added support for "Wait at least time x" before re-running an configured actionrule. 9.20.1:F1 Firmware is now signed by AXIS to increase overall minimum cyber security level. More information about Signed Firmware can be found here https://www.axis.com/support/faq/FAQ116424. 9.20.1:F2 Upgraded Apache to version 2.4.38 to increase overall minimum cyber security level. 9.20.1:F3 Updated Video Motion Detection to version 4.3.4. 9.20.1:F4 Updated OpenSSL to version 1.1.1a to increase overall minimum cyber security level. 9.10.1:F1 The following legacy VAPIX parameter have been removed due to non- usage:Network.DHCP.FqdnNetwork.DHCP.IPCheckEnabledNetwork.DHCP.RetriesNetwork.DHCP.StoreIPAddresseth0Network.DHCP.StoreIPAddresseth1Network.DHCP.Timeout 9.10.1:F2 Updated Video Motion Detection to version 4.3.1. 9.10.1:F3 Upgraded Apache to version 2.4.37 to increase overall minimum cyber security level. 9.10.1:F4 Firwmare Recovery will also rollback the previous state of applications (ACAPs)now. Corrections in 9.60.1 ================================================================================ 9.60.1:C1 Corrected an issue that caused the HTTP recipient URL to be cropped. 9.60.1:C2 Corrected the following security vulnerabilities: CVE-2019-13377 CVE-2019-16275 Corrections in 9.50.1 ================================================================================ 9.50.1:C1 Improved recording robustness in the event of temporary storage loss. 9.50.1:C2 Increased the limit of concurrent HTTP requests for I/O related VAPIX commandsfrom 4 to 10. 9.50.1:C3 The deprecated parameter HTTPS.AllowSSLV3 has been removed completely now. 9.50.1:C4 Corrected an issue that could cause wireless configuration loss during firmware upgrade when the product was paired via WPS. 9.40.1:C1 The VAPIX parameter AudioSource.A0.InputType has now "internal" as default valueinstead of "mic". 9.40.1:C2 Removed a unecessary warning text for a user when setting up a action rule that requires a stream profile while it is actually already in place. 9.40.1:C3 Corrected an issue that made it possible to add a action rule recipient without nice-name via API. 9.30.1:C1 Corrected an issue that prevented the user from exporting recordings when the camera was configured to Alaska timezone. 9.30.1:C2 Corrected an issue that prevented the user to play recordings as a viewer. 9.30.1:C3 Extended the charater limits for query string suffix in action rules in order to allow for longer URLs. 9.20.1:C1 Corrected an issue that could cause the camera to get unresponsive when two clients are streaming over multicast using the same streaming parameters. 9.10.1:C1 Corrected an issue that prevented the product from inserting trigger data in SEI message when streaming H.264. 9.10.1:C2 Corrected an issues that could cause an incorrect error message when testing HTTP recipient. 9.10.1:C3 Increased the character limit for certificate IDs from 32 to 128 characters. 9.10.1:C4 Corrected an issue that caused RTSP client timeout to be delayed. 9.10.1:C5 Corrected an issue that caused an HTTP-recipient based action rule to fail when the response from the server excluded the textual phrase (Example: HTTP 200). This will work now. 9.10.1:C6 Corrected an issue that caused the temperature information delivered via SNMPOID to be corrupted. Known Bugs/Limitations ================================================================================ 9.40.1:L1 There might be event settings available that is not applicable to the product with the current setup. 9.30.1:L1 There might be features currently explained in the help files that may not be supported by the camera. 9.10.1:L1 It is recommended to perform firmware recovery to rollback the products firmware to a previous version. Downgrading the products firmware through the usual firmware upgrade process can cause configuration and ACAP loss. It is recommended to perform a factory default afterwards. Supported AXIS VAPIX API Image Resolutions for COMPANION CUBE LW ================================================================================ Resolution Exceptions ========== ========== 1920x1080 1280x960 1280x720 1024x768 1024x576 800x600 640x480 640x360 352x240 320x240 768x576 1) 704x576 1) 704x480 1) 384x288 1) 352x288 1) 1) Not visible in web user interface