Firmware release notes 4.8.1

Note:

For other versions, see the DSOS release notes page.

New

Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players.

• Added support for High Efficiency Video Coding (HEVC / H.265 / MPEG-H Part 2) streaming sources with SRT, HLS and DASH protocols. This is a Technology Preview Feature.

Improvements

• Recovery Console is updated to version 2.16.2.

Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players

• All users with admin rights now have access to the Recovery Console; requires recovery console version 2.16.2 or higher and becomes effective when a new user is added or a password is changed.
• The EFI boot manager entries and order (i.e., BIOS boot priorities) for DSOS are now re-created if missing or not in the correct order.
• The bootloader and its configuration used by the BIOS to boot DSOS are now updated during a firmware update.
• The player report now includes the device information for license activation, as well as information about the TPM Endorsement Key (EK) and related certificates, for improved diagnostics.

Fixes

• The release name, "Stecknadelhorn", was not properly set.
• The software watchdog rebooted the system via the hardware watchdog instead of the kernel, which made diagnostics confusing. This was a regression introduced in 4.5.0.
• An innocuous "no such table: WEBSTORAGE" error message, without consequence, could appear during boot.
• Fixed PHP warning about undefined offset.
• Animated GIFs would play at a maximum of 10 fps, any higher fps animated GIF was playing in slow motion.

Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players

• 4K was proposed as the default resolution in the Control Center wizard, instead of 1080p as in 4.7.7 and earlier versions; this was an unintended change in 4.8.0.
• In some cases, players could crash and reboot due to contention on the GPU memory. This was a regression introduced in 4.8.0.
• Sometimes the temperature from the internal sensor could be reported as "not found".
• The configuration backup included a portNumber attribute for serial ports, although it is ignored and useless on players other than DiVA, HMP300 and HMP350.
• Color Emojis could sometimes be accidentally rendered in black and white.

Applies to iBX410 and iBX440 players.

• The "DSOS boot menu" boot option did not show the boot menu, instead it booted DSOS directly.
• The DMC firmware for the GPU on iBX410 and third-party players with Elkhart Lake processors was missing.
• Under rare circumstances, the synchronization of the multiple outputs on the iBX440 could be suboptimal due to CPU scheduling.
• Images in 8K would not display for 8K capable players, such as iBX440.

Applies to HMP400, HMP400W, and third-party players

• The hardware watchdog was not available on HMP400, HMP400W, and Intel NUC 8 Chaco Canyon, only the software watchdog was being used. This was a regression introduced in 4.8.0.

Applies to third-party players

• The bootloader would fail to load on systems which failed TPM measurement operations (e.g., due to buggy BIOS), making the system impossible to boot; this was a compatibility problem introduced in 4.7.5; now TPM measurement errors do not prevent booting.

Security

Updated base libraries and components, the main changes are as follows.

• curl: fixed CVE-2023-32001, which could affect DSOS, and CVE-2023-28320, which does not affect DSOS.
• elfutils: fixed CVE-2021-33294, which does not affect DSOS.
• libcap: fixed CVE-2023-2602 and CVE-2023-2603, all of which could affect DSOS.
• libjpeg-turbo: fixed CVE-2020-35538 and CVE-2023-2804, all of which could affect DSOS.
• ntp: fixed CVE-2023-26551, CVE-2023-26552, CVE-2023-26553, CVE-2023-26554, and CVE-2023-26555, none of which affected DSOS.
• openssl: updated to 1.1.1v, fixing CVE-2023-2650, CVE-2023-0464, CVE-2023-0465, CVE-2023-0466, CVE-2023-3446, and CVE-2023-3817, all of which could affect DSOS.
• procps: fixed CVE-2023-4016, which does not affect DSOS.
• timezone database (tzdata): updated from 2022g to 2023c, affecting Egypt, Morocco, Palestine, Greenland.

Applies to HMP400, HMP400W, iBX410, iBX440, and third-party players

• Linux kernel updated from 5.15.119 to 5.15.133 fixing the following security issues:
  • That affected DSOS: CVE-2023-1206, CVE-2022-40982, CVE-2023-40283, CVE-2023-42752, CVE-2023-45871.
  • That did not affect DSOS: CVE-2023-31248, CVE-2023-38432, CVE-2023-3866, CVE-2023-2898, CVE-2023-44466, CVE-2023-4132, CVE-2023-3611, CVE-2022-48502, CVE-2023-3865, CVE-2023-35001, CVE-2023-3776, CVE-2023-3863, CVE-2023-20593, CVE-2023-3777, CVE-2023-4004, CVE-2023-4015, CVE-2023-4147, CVE-2023-20569, CVE-2023-20588, CVE-2023-4128, CVE-2023-4208, CVE-2023-4206, CVE-2023-4207, CVE-2023-4569, CVE-2023-39194, CVE-2023-4273, CVE-2023-3772, CVE-2023-4921, CVE-2023-4623, CVE-2023-42753, CVE-2023-39189, CVE-2023-4881, CVE-2023-39193, CVE-2023-39192 and CVE-2023-42755.
• dmidecode: CVE-2023-30630, which does not affect DSOS.
• grub: fixed CVE-2020-27749, CVE-2021-20225, CVE-2021-20233, all of which could affect DSOS.
• intel-microcode: updated to version 20230808, fixing CVE-2022-40982, which affects some of the supported platforms, and CVE-2023-23908 and CVE-2022-41804, none of which affects any of the supported platforms.
• linux-firmware: updated to version 20230515
• wireless-regdb: updated to version 2023.05.03

Developer

RPC API

• The "restarted" RPC notification sent to RPC Concentrators had an empty bootid value most of the time, in both the parameter and the property of the "info" object.