FIRMWARE RELEASE NOTE ======================== Products affected: S3008 Release date: 2020-09-24 Release type: Production Firmware version: 10.1.0 Preceding release: 10.0.3 -------------------------------------------------------------------------------- Upgrade recommendations ======================== If you need to step up your firmware several steps, it is recommended to do an intermediate upgrade to LTS-tracks before proceeding. For example if the current version is 7.40 and you want to upgrade to 9.70. Then you should do the upgrade in these steps: 7.40 => 8.40 LTS => 9.70. Upgrade the firmware according to the instructions given in howtoupgrade.txt, which is included in the firmware folder or at the firmware portal at https://www.axis.com NOTE ======================== For latest information about Axis Cybersecurity, see: https://www.axis.com/support/product-security New features in 10.1.0 ================================================================================ 10.1.0:F1 Removed support for SMB versions lower than 2.1. 10.1.0:F2 The parameters Time.ServerTime and Time.ServerDate that have been deprecated for some time are now removed. 10.1.0:F3 Added support for certificate-based client authentication in MQTT. 10.1.0:F4 Added support for Remote Syslog API which enables Axis devices to send their log messages to a remote syslog server. Remote Syslog can be configured via web- interface under Settings -> System -> TCP/IP or using the VAPIX API that can be found here -> https://www.axis.com/vapix-library/. 10.1.0:F5 A factory default is now mandatory when trying to downgrade the device. 10.1.0:F6 Improved performance when building up an RTSP video stream by 30%. 10.1.0:F7 Added support for a new overlay modifier "%v" that displays seconds in 1/1000 fractions. 10.1.0:F8 Added support for HTTP Strict Transport Security (HSTS) when using HTTPS. 10.1.0:F9 The following HTTP headers are now configured per default to increase overall cybersecurity level : X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block. 10.1.0:F10 Updates UPnP to version 1.8.7 which patches CVE-2020-12695 (Callstranger). 10.1.0:F11 Added support for IEEE 802.1x-2010 which provides support for EAPoL version 3. 10.1.0:F12 Changed default IEEE 802.1x EAPoL settting from version 1 to 3. 10.1.0:F13 IEEE 802.1x is enabled now per default on Axis products that support AXIS Edge Vault. This enables Axis products to utilize Axis device ID via IEEE 802.1AR. 10.1.0:F14 Added support for configuring 802.1X without CA certificate. This will make the device authenticate on any network, not just the trusted one. 10.1.0:F15 The EAP-TLS-identity field in the 802.1x configuration is now by default filled with "axis-" value. 10.1.0:F16 Removed the download.cgi API. The exportrecording.cgi API which was introduced in 5.60 is the substitute. Features in 10.0.3 ================================================================================ Corrections in 10.1.0 ================================================================================ 10.1.0:C1 Corrected an issue that caused an FTP Send Image action rule to use the temporary mode option even if the option was not enabled. 10.1.0:C2 On upgrade to 10.1 the web browser cache needs to be reset or the configuration page for VMD and/or Guard Suite ACAPs will show up as a blank screen. 10.1.0:C3 Corrected an issue that caused old recordings to not be removed after their retention period was expired. Corrections in 10.0.3 ================================================================================ 10.0.3:C01 Corrected Axis critical vulnerability ACV-2020-10004. For more information please visit www.axis.com/support/product-security. 10.0.2:C1 Corrected an issue that prohibited the use of a new firmware. 10.0.2:C2 Corrected an issue that sometimes caused event triggered recordings to fail. Known Bugs/Limitations ================================================================================