SMS Firmware Release Notes v7.1.0
Aug 23, 2023
SMS Firmware Update for Vanderbilt VSRC/VRCNX Controllers (SMSv7.1.0)
RELEASE DATE: January 2022
Files Included with Full SMS Download
| CONTROLLER | FIRMWARE VERSION |
| VSRC-A/VRCNX-A | V7.57A |
| VSRC-M/VRNX-M | V7.14M |
| VSRC/VRCNX-R | V6.70V (No Change) |
| SRCNX | V6.58L (No Change) |
Improvements
VSCR-A & VRCNX-A
- Cybersecurity updates: OpenSSL, OpenSSH, LightTPD, SQLite, BusyBox and libxml2.
- Block HTTP Request-Method “OPTIONS”.
- Implement Linux Kernel patches to remediate CVE-2021-33909, CVE-2021-38209, CVE-2021-40490.
- Require use of DCT v2 for configuration changes and require authentication. DCT v2 will be installed without removing any older version of the DCT which will still be required to manage controllers with older firmware.
VSRC-M & VRCNX-M
- Cybersecurity updates: OpenSSL, OpenSSH, LightTPD, SQLite, BusyBox and libxml2.
- Block HTTP Request-Method “OPTIONS”. Implement Linux Kernel patches to remediate CVE-2021-38199, CVE-2021-38209, CVE-2021-40490.
- Uninstall display.cgi.
- Require use of DCT v2 for configuration changes and require authentication. DCT v2 will be installed without removing any older version of the DCT which will still be required to manage controllers with older firmware.
Hot Fixes
VSRC-A & VRCNX-A
- Deleting the 2nd VRI-2 reader using supervised contacts can cause a controller restart.
VSRC-M & VRCNX-M
- Deleting the 2nd VRI-2 reader using supervised contacts can cause a controller restart.
