Firmware release notes 4.8.2
From SpinetiX Support Wiki
Contents
Release name: "Stecknadelhorn" 4.8.2. Release date: February 21st, 2024.
Note:
For other versions, see the DSOS release notes page.
New
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players.
- Added support for exFAT filesystems, USB storage formatted as exFAT can now be used like FAT formatted storage.
Improvements
- Recovery console is updated to version 2.17.1
- The display-info file now supports reporting information about multiple displays on the iBX440.
- Expiration of sign in to Control Center is now also applied to endpoints which are directly served by the Apache httpd server; now all endpoints which can be accessed after signing in to Control Center without further authentication, apply the same expiration.
- The value of the bootcount counter is now explicitly logged on each boot for ease of diagnostics.
- Moved the uploader
spx.publish
logs from trace to debug level for ease of diagnostics.
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players
- Enabled transparent huge pages for improved performance, in particular on iBX410, iBX440, and recent third-party players.
- Removed some unused grub components from DSOS to optimize storage use.
- Improved the error logging of the Wi-Fi and 802.1x daemon (iwd) to aid in diagnostics.
- The UEFI Secure Boot database is now re-provisioned on boot if it was cleared from the BIOS.
- The logs from the HTML5 rendering engine (CEF) are now rotated when they exceed 800 KB.
Applies to iBX410 and iBX410W.
- Tuned the system parameters to optimize the performance when heavily loaded and make the performance more consistent and predictable.
Applies to iBX440.
- Display power saving is now applied to all displays on the iBX440.
Fixes
- The "Update Now" button normally shown on the firmware version tile of the Control Center main page when there is a new firmware available was not shown. This was a regression introduced in 4.8.0.
- The Scheduled Download settings UI in Control Center sometimes did not reflect the actual settings. This was a regression introduced in 4.8.0.
- Removed unused authentication mechanism in Control Center with per-user API keys which was not exposed and was unused.
- Reports taken on third party players with eMMC based storage were missing the recovery data.
- There was a spurious error about missing NTP peers on each boot.
Applies to HMP400W, iBX410, iBX440, and third-party players
- The Wi-Fi configuration interface would not generate a correct configuration if a certificate in PEM format was provided and had Windows or Mac line endings, or was missing a final newline.
Applies to iBX410, iBX440 and third-party players.
- Make sure the Intel Energy performance bias is set to "normal" on boot, irrespective of what the BIOS sets.
- Some miscellaneous drivers were not enabled.
Applies to HMP400, HMP400W, and third-party players
- Connecting a DisplayPort multi-stream capable display would confuse DSOS, DisplayPort multi-stream is now disabled.
- The counter that limits the number of times the EFI boot manager entries may be re-written was not reset on a reset to factory defaults.
- The Wi-Fi automated BSS blacklist timings were too long, misbehaving or misconfigured networks would often retry only every 24 hours, they are now retried every 10 minutes at most, with the back-off starting at 5 seconds.
Applies to HMP300, HMP350, and DiVA
- It was not possible to adjust content duration in a playlist within the content management interface. This was a regression introduced in 4.8.0.
- Some text animations could lead to a crash and reboot of the player.
- Some 60 Hz stretch displays could report the vertical refresh frequency as 59 Hz instead of 60.
Security
Updated base libraries and components, the main changes are as follows:
- libxml2: fixed CVE-2023-39615, which may have affected DSOS, and CVE-2021-3516, which did not affect DSOS.
- openssh: fixed CVE-2023-38408, which did not affect DSOS.
- bind: fixed CVE-2023-2828 and CVE-2023-3341, which did not affect DSOS.
- php: fixed CVE-2023-3824, which may have affected DSOS, and CVE-2023-3247 and CVE-2022-4900, which did not affect DSOS.
- httpd: fixed CVE-2023-45802, which did not affect DSOS.
- glib-2.0: fixed CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665, which affected DSOS.
- curl: fixed CVE-2023-28321 and CVE-2023-28322, which affected DSOS, and CVE-2023-38546 and CVE-2023-38545, which did not affect DSOS.
- openssl: updated to version 1.1.1w, fixing CVE-2023-4807, which did not affect DSOS.
- busybox: fixed CVE-2022-48174, which may have affected DSOS.
- dbus: fixed CVE-2023-34969, which did not affect DSOS.
- gawk: fixed CVE-2023-4156, which affected DSOS.
- glibc: fixed CVE-2023-4911 and CVE-2023-4813, which did not affect DSOS.
- binutils: fixed CVE-2023-25584 and CVE-2021-46174, which did not affect DSOS.
- avahi: fixed CVE-2023-1981, CVE-2023-38469, CVE-2023-38470, CVE-2023-38471, CVE-2023-38472 and CVE-2023-38473, which may have affected DSOS.
- shadow: fixed CVE-2023-29383, which did not affect DSOS.
- zlib: fixed CVE-2023-45853, which did not affect DSOS.
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players.
- flac: fixed CVE-2020-22219, which did not affect DSOS.
- libsndfile: fixed CVE-2021-4156 and CVE-2022-33065, which affected DSOS.
- linux-firmware: updated to version 20230804
- grub: fixed CVE-2023-4692 and CVE-2023-4693, which did not affect DSOS
Applies to iBX410, iBX410W, iBX440, and third-party players.
- Updated the UEFI Secure Boot forbidden signatures list (dbx) to version 2023-05-09 from UEFI.
- Added the 2023 Microsoft UEFI Secure Boot certificates to the signature database (db), "Microsoft UEFI CA 2023" and "Windows UEFI CA 2023".
- Added the "Microsoft Corporation KEK 2K CA 2023" KEK certificate to the UEFI Secure Boot Key Exchange Key (KEK) database.
Developer
- The
<display-video-mode>
configuration element, can now be used without parameters to reset the display video mode for all outputs, thus making it possible to use multiple such tags in an additive way. - The
<hdmi-link-type>
configuration element, supported only on DiVA, HMP300, and HMP350 models, would mess up the display configuration instead of being ignored on the other player models. This was a regression introduced in 4.8.0.