Firmware release notes 4.8.1
From SpinetiX Support Wiki
Contents
Release name: "Stecknadelhorn" 4.8.1. Release date: December 6th, 2023.
Note:
For other versions, see the DSOS release notes page.
New
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players.
- Added support for High Efficiency Video Coding (HEVC / H.265 / MPEG-H Part 2) streaming sources with SRT, HLS and DASH protocols. This is a Technology Preview Feature.
Improvements
- Recovery Console is updated to version 2.16.2.
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players
- All users with admin rights now have access to the Recovery Console; requires recovery console version 2.16.2 or higher and becomes effective when a new user is added or a password is changed.
- The EFI boot manager entries and order (i.e., BIOS boot priorities) for DSOS are now re-created if missing or not in the correct order.
- The bootloader and its configuration used by the BIOS to boot DSOS are now updated during a firmware update.
- The player report now includes the device information for license activation, as well as information about the TPM Endorsement Key (EK) and related certificates, for improved diagnostics.
Fixes
- The release name, "Stecknadelhorn", was not properly set.
- The software watchdog rebooted the system via the hardware watchdog instead of the kernel, which made diagnostics confusing. This was a regression introduced in 4.5.0.
- An innocuous "no such table: WEBSTORAGE" error message, without consequence, could appear during boot.
- Fixed PHP warning about undefined offset.
- Animated GIFs would play at a maximum of 10 fps, any higher fps animated GIF was playing in slow motion.
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players
- 4K was proposed as the default resolution in the Control Center wizard, instead of 1080p as in 4.7.7 and earlier versions; this was an unintended change in 4.8.0.
- In some cases, players could crash and reboot due to contention on the GPU memory. This was a regression introduced in 4.8.0.
- Sometimes the temperature from the internal sensor could be reported as "not found".
- The configuration backup included a
portNumber
attribute for serial ports, although it is ignored and useless on players other than DiVA, HMP300 and HMP350. - Color Emojis could sometimes be accidentally rendered in black and white.
Applies to iBX410 and iBX440 players.
- The "DSOS boot menu" boot option did not show the boot menu, instead it booted DSOS directly.
- The DMC firmware for the GPU on iBX410 and third-party players with Elkhart Lake processors was missing.
- Under rare circumstances, the synchronization of the multiple outputs on the iBX440 could be suboptimal due to CPU scheduling.
- Images in 8K would not display for 8K capable players, such as iBX440.
Applies to HMP400, HMP400W, and third-party players
- The hardware watchdog was not available on HMP400, HMP400W, and Intel NUC 8 Chaco Canyon, only the software watchdog was being used. This was a regression introduced in 4.8.0.
Applies to third-party players
- The bootloader would fail to load on systems which failed TPM measurement operations (e.g., due to buggy BIOS), making the system impossible to boot; this was a compatibility problem introduced in 4.7.5; now TPM measurement errors do not prevent booting.
Security
Updated base libraries and components, the main changes are as follows.
- curl: fixed CVE-2023-32001, which could affect DSOS, and CVE-2023-28320, which does not affect DSOS.
- elfutils: fixed CVE-2021-33294, which does not affect DSOS.
- libcap: fixed CVE-2023-2602 and CVE-2023-2603, all of which could affect DSOS.
- libjpeg-turbo: fixed CVE-2020-35538 and CVE-2023-2804, all of which could affect DSOS.
- ntp: fixed CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, and CVE-2023-26555, none of which affected DSOS.
- openssl: updated to 1.1.1v, fixing CVE-2023-2650, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, and CVE-2023-3817, all of which could affect DSOS.
- procps: fixed CVE-2023-4016, which does not affect DSOS.
- timezone database (tzdata): updated from 2022g to 2023c, affecting Egypt, Morocco, Palestine, Greenland.
Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players
- Linux kernel updated from 5.15.119 to 5.15.133 fixing the following security issues:
- That affected DSOS: CVE-2023-1206, CVE-2022-40982, CVE-2023-40283, CVE-2023-42752, CVE-2023-45871.
- That did not affect DSOS: CVE-2023-31248, CVE-2023-38432, CVE-2023-3866, CVE-2023-2898, CVE-2023-44466, CVE-2023-4132, CVE-2023-3611, CVE-2022-48502, CVE-2023-3865, CVE-2023-35001, CVE-2023-3776, CVE-2023-3863, CVE-2023-20593, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4147, CVE-2023-20569, CVE-2023-20588, CVE-2023-4128, CVE-2023-4208, CVE-2023-4206, CVE-2023-4207, CVE-2023-4569, CVE-2023-39194, CVE-2023-4273, CVE-2023-3772, CVE-2023-4921, CVE-2023-4623, CVE-2023-42753, CVE-2023-39189, CVE-2023-4881, CVE-2023-39193, CVE-2023-39192 and CVE-2023-42755.
- dmidecode: CVE-2023-30630, which does not affect DSOS.
- grub: fixed CVE-2020-27749, CVE-2021-20225, CVE-2021-20233, all of which could affect DSOS.
- intel-microcode: updated to version 20230808, fixing CVE-2022-40982, which affects some of the supported platforms, and CVE-2023-23908 and CVE-2022-41804, none of which affects any of the supported platforms.
- linux-firmware: updated to version 20230515
- wireless-regdb: updated to version 2023.05.03
Developer
- The "restarted" RPC notification sent to RPC Concentrators had an empty
bootid
value most of the time, in both the parameter and the property of the "info" object.