HP CZ255A, CZ256A, CZ257A User Manual
HP COLOR LASERJET ENTERPRISE M651PRINTER SERIES Firmware Readme
Product Name(s): HP Color LaserJet M651n • HP Color LaserJet M651dn • HP Color
LaserJet M651xh
Model Number(s): CZ255A, CZ256A, CZ257A
This document contains information for the firmware revision number:
Firmware Datecode: 20210317
Firmware Revision: 2309046_000282
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.7
Description
-- What is included in the Firmware bundle?
-- Who needs this firmware?
-- Determining the current version level of your firmware
Enhancements and Fixes provided with this firmware revision
Enhancements and Fixes provided with the previous revision(s)
Installation Instructions
-- Additional Information to know
-- Using the Embedded Web Server
-- Using the Walk up USB port
-- Web JetAdmin
FutureSmart Level Switching Procedures
-- Embedded Web Server (EWS)
-- Device Control Panel
-- Web JetAdmin
System Requirements
Technical Assistance
Customer Support
Internet
Additional Information
Legal Statements
-- Trademark Notices
-- OPEN-SOURCE SOFTWARE LICENSE AGREEMENTS (In English)
-- License and Copyright
Description
This Readme file provides specific installation instructions and other information you
should know before you perform a firmware update for your HP LaserJet Series printer or
MFP. Installation instructions are provided for Single and Multiple Printer Updates.
This document provides specific update, installation and troubleshooting information. For
additional information on the device features, refer to the online user guide found on the
Windows Printing System Installer CD-ROM that came with your printer or at hp.com.
What is included in a Firmware bundle?
The HP LaserJet printer firmware update file available from the hp web site contains
firmware for the printer, embedded JetDirect (if applicable), HP paper handling
accessories used with the device in one convenient download file. When the Remote
Firmware Upgrade file is sent to the HP LaserJet Printer or MFP firmware for the engine
and all connected accessories are upgraded.
Who needs this firmware?
Similar to Hewlett Packard providing improved software for your HP LaserJet Printer or
MFP, Hewlett Packard provides firmware updates for your printer periodically through its
supported lifecycle. A firmware update may be necessary if it is determined that you may
benefit from the resolution of any issue that is documented below. These updates are
available on the HP support web site.
Determining the current version level of your firmware
To determine the current level of firmware installed on the device:
Go to the printer’s or MFP’s control panel.
1. Go to the printer’s control panel.
2. Scroll down and select the Administration application.
3. Select the Reports menu.
4. Select the Configuration/Status Pages menu.
5. Select the Configuration Page option.
6. Select the Print.
On the printed Configuration page look in the section marked "Device Information" for the
Firmware Datecode and Firmware Revision. The Firmware Datecode and Firmware
Revision will look something like this:
Firmware Datecode: 20140321
Firmware Revision: 2302253_422210
IMPORTANT NOTE:
This firmware file requires an interactive update method. You CANNOT update these
Product(s)/Model(s) using the traditional FTP, LPR or Port 9100 methods of upgrading.
Please use one of the following methods listed below to update the firmware of this
device.
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20210317
Firmware Revision: 2309046_000282
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.7
For information on HP Security Bulletins addressed by firmware releases, please visit:
https://support.hp.com/security-bulletins
To initiate a subscription to receive future HP Security Bulletin alerts via email, visit:
https://www.hp.com/go/alerts
ENHANCEMENT:
Base:
➢ No New Updates.
Security/Authentication:
➢ No New Updates.
Embedded JetDirect:
➢ No New Updates.
FIXES:
Base:
➢ HP Webservices will stop working and the printer will lose its connection to
HP Connected on the web. You may see an error "Could not communicate
with HP Connected, or Unable to contact HP Connected" when you try to
enable HP Web Services.
➢ Third party solutions created in 2021 will not be able to load on the device
through the solution installer page.
Security/Authentication:
➢ No New Updates.
Embedded JetDirect:
➢ No New Updates.
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20210317
Firmware Revision: 2309046_000282
Embedded JetDirect:
JDI23900047
DC Controller:
5.48
HP Fleet Release Designation
FutureSmart 3.9.7
MD5 checksum for .bdl file
1e227ea14d67f09a8104545d50c752e2
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20191213
Firmware Revision: 2309025_582096
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.6
For information on HP Security Bulletins addressed by firmware releases, please visit:
https://support.hp.com/security-bulletins
To initiate a subscription to receive future HP Security Bulletin alerts via email, visit:
https://www.hp.com/go/alerts
ENHANCEMENT:
Base:
➢ No New Updates.
Security/Authentication:
➢ No New Updates.
Embedded JetDirect:
➢ No New Updates.
FIXES:
Base:
➢ 49.4A.04 error may occur intermittently when printing from certain types of
customized applications.
Security/Authentication:
➢ No New Updates.
Embedded JetDirect:
➢ No New Updates.
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20191213
Firmware Revision: 2309025_582096
Embedded JetDirect:
JDI23900042
DC Controller:
5.48
HP Fleet Release Designation
FutureSmart 3.9.6
MD5 checksum for .bdl file
d234b3f8aefaa83ed6c11dc8ddce8b2e
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20190711
Firmware Revision: 2309021_581895
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.5
ENHANCEMENT:
Security/Authentication:
➢ Added an updated digital signature verification for aftermarket solution bundles
during installation. Currently installed solutions are not affected. Customers and
resellers should work with solution providers for an updated signature-compliant
version of their software.
Base:
➢ No New Updates
Embedded JetDirect:
➢ No New Updates
FIXES:
Base:
➢ Some SmartCard solutions may fail to communicate with the card reader properly
causing the authentication dialog window to not appear.
Security/Authentication:
➢ CVE-2019-6334 - Solution application signature checking may allow potential
execution of arbitrary code.
Embedded JetDirect:
➢ No New Updates
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20190711
Firmware Revision: 2309021_581895
Embedded JetDirect:
JDI23900041
DC Controller:
5.48
HP Fleet Release Designation
FutureSmart 3.9.5
MD5 checksum for .bdl file
3aa693e38b301903e9c05d21b2f9eef9
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20190118
Firmware Revision: 2309010_581418
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.4
ENHANCEMENT:
Security/Authentication:
➢ New security check will prevent installation of non-compliant aftermarket solution
bundles. Currently installed solutions are unaffected. Please work with solution
providers for an updated signature-compliant version of their software.
Base:
➢ No New Updates
Embedded JetDirect:
➢ No New Updates
FIXES:
Base:
➢ No New Updates
Security/Authentication:
➢ No New Updates
Embedded JetDirect:
➢ TLS 1.0 and Multicast IPV4 settings do not get backed up and restored properly.
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20190118
Firmware Revision: 2309010_581418
Embedded JetDirect:
JDI23900041
DC Controller:
5.48
HP Fleet Release Designation
FutureSmart 3.9.4
MD5 checksum for .bdl file
7e0fe9cafb1b7757d4801bacf0874591
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20180605
Firmware Revision: 2308974_579770
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.2
ENHANCEMENT:
Security/Authentication:
➢ Added a feature to prevent Cross-site Request Forgery (CSRF) exploits. This guards
against a malicious exploit where unauthorized commands are sent to the EWS
using the logged-on administrator credentials.
Base:
➢ No New Updates
Embedded JetDirect:
➢ No New Updates
FIXES:
Base:
➢ Under certain conditions 49.38.07 error is seen after receiving a fax job.
➢ Secure Erase feature does not work properly after replacing the device’s Hard Disk
Drive (HDD).
Security/Authentication:
➢ CVE-2018-5923: Insecure Solution DLL Signature Validation.
➢ CVE-2015-9251: jQuery before version 1.12.0 and 3.0.0 may be vulnerable to
Cross-site Scripting (XSS) attacks.
Embedded JetDirect:
➢ Cisco "ARP Proxy" feature is causing devices to decline the DHCP offer.
➢ Syslog Priority setting is not filtering properly.
➢ Device loses network connection after re-negotiating the link speed.
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20180605
Firmware Revision: 2308974_579770
Embedded JetDirect:
JDI23900022
DC Controller:
5.48
HP Fleet Release Designation
FutureSmart 3.9.2
MD5 checksum for .bdl file
9b806f80972f19cd1e74d9ff2ecce961
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20180301
Firmware Revision: 2308955_579083
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9.1
ENHANCEMENT:
Security/Authentication:
➢ No New Updates
Base:
➢ No New Updates
Embedded JetDirect:
➢ No New Updates
FIXES:
Base:
➢ When printing from Mac OS High Sierra, error "undefinedresult, OFFENDING
COMMAND" is seen.
➢ Unable to print certain PDF files from USB.
Security/Authentication:
➢ No New Updates
Embedded JetDirect:
➢ By default, the IPP queue was disabled and it was enabled only for CUPS client.
This change includes enabling IPP queue by default, which improves IPP/IPPS
performance significantly.
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20180301
Firmware Revision: 2308955_579083
Embedded JetDirect:
JDI2309000125
DC Controller:
5.48
HP Fleet Release Designation
FutureSmart 3.9.1
MD5 checksum for .bdl file
fc37d87b7715034e040391da0f2d8698
Enhancements and Fixes provided with this Firmware
revision
The following new functionality or features are provided by this firmware release:
Firmware Datecode: 20171213
Firmware Revision: 2308937_578497
HP Fleet Bundle Version Designation: FutureSmart Bundle Version 3.9
ENHANCEMENT:
Security/Authentication:
➢ Users now have the ability to disable printing from Help.
➢ Added two new features to improve the private and usability of retrieving stored
jobs from the "Retrieve from Device Memory" application. Administrators can
define what users first see when entering the "Retrieve from Device Memory"
application. The default behavior has not changed, but administrators have a new
setting in the embedded web server under "Security" [Tab] -> "Protect Stored
Data" [Menu] -> "Managed Stored Jobs" [Section] called "Behavior when users
are authenticated. If "Assist users to their jobs" is selected, users entering the
application will immediately see their jobs provided a folder exists by their
username (default behavior in the print driver when sending jobs) but can
navigate back to the list of folders with jobs. Administrators will also note a new
permission that is not activated by default in the embedded web server under
"Security" [Tab] -> "Access Control" [Menu] -> "Sign In and Permission Policies"
[Section] -> "Open from Device Memory application" [Control Panel Permission]
for "Other Users' Jobs and Folders". If removing the permissions (e.g. for "Guest"
and "Device User") a regular user will only be able to see their or guest jobs. If at
the folder view they will only be able to see folders with at least one of their own
jobs or a guest job within it except for the special folders like "Untitled" & "Stored
Faxes". These two features can be used together to optimize the privacy &
usability when users retrieve their stored jobs.
➢ Allow for nested group behavior on the EWS: Security>Access Control>Windows
Setup. Nested AD groups may be configured to inherit parent permissions.
➢ Allows for authentication at devices using AD credentials instead of local device
credentials via Web Jet Admin.
➢ This firmware provides compatible HP and 3rd party solution software the ability
to establish HTTPs communications through the Jetdirect networking interface. The
protocol and encryption parameters for these solutions are now configured using
the Jetdirect networking settings, allowing access to updated Jetdirect protocols
and encryption. This option is available to HP and 3rd party solutions using the
HttpWebRequest Class connection methods.
➢ This firmware addresses the following security issues: CVE-2005-4900– SHA-1 is
not collision resistant, allowing for context-dependent spoofing attacks. Cipher
suites containing the SHA-1 hashing algorithm can now be disabled by setting
Encryption Strength to “High” within the “Mgmt. Protocols” page under the EWS
Networking tab. These cipher suites will remain enabled/active if Encryption
Strength is set to either “Medium” or “Low”. Note: For devices with Encryption
Strength set to “High”, after installing this firmware the Encryption Strength setting
will be changed to “Medium” to allow continued access to SHA-1 cipher suites.
Base:
➢ The Backup and Restore feature has been expanded to include JDI settings.
Additionally, this feature has been expanded to allow creating a backup file and
restoring that file to another device of the same model and firmware version as the
backup file.
➢ Added support for "Any Size/Any Type" in cassette trays.
➢ This feature increases the number of allowed PIN users in the device's local
address book; from 1000 to 2000.
➢ Optimized JPEG decompression library improves performance of print jobs with
JPEG compressed images
➢ A new option has been added to delete the temporary jobs after 3 days.
➢ Error code “42.B0.01” will not be displayed in the event log for end customers.
➢ Added new feature to allow PCL 6 to suppress blank pages. Previously this feature
was only available with PCL5, now this functionality is also available with PCL6.
➢ Changes in power management to meet new Blue Angel regulations.
Embedded JetDirect:
➢ No New Updates
FIXES:
Base:
➢ You may see a 49.00.FF error while performing a Direct TIFF print job.
➢ Setting Legacy resolution to 300 x 300 would not be retained after a power cycle.
➢ Print job size of 400mb or more not getting stored on the device disk memory.
➢ Disk resident fonts are not persistent after a power cycle.
➢ Paper type is displayed incorrectly on control panel when using Chinese.
➢ Wrong translation of control panel buttons in Czech.
➢ Certain PDFs were not printed correctly, text on PDF was getting printed as blocks.
➢ Improved Barcode scanning.
➢ Improvement in print performance of certain PDF files.
➢ You may see an Access Denied warning when trying to accesses the EWS even
prior to entering in a Password.
➢ Under certain circumstances an SNMP GET request might receive a slow response
which exceeds all client retries and timeouts. Sometimes the printer would never
respond. This fix ensures that these circumstances do not prevent timely SNMP
responses.
➢ Intermixing of pages is seen when printing mopy jobs.
➢ Embedded EPrint setting intermittently shows state as "Not Supported" instead of
"Enabled/Disabled" via WJA.
➢ Using the Pages per Sheet N-Up printing feature provided with any version of the
UPD PCL6 driver will give incorrect printed output.
➢ You may see improvements printing certain fonts.
➢ 49.38.07 error is seen when printing certain jobs with "reverse page order"
setting enabled on a device without finisher.
➢ PS Error seen when printing certain documents greater than 40 pages.
➢ Added a Web Service object for the "Security" -> "Web Scan Auto Capture Jobs:
Enable Remote User Auto Capture" feature which will allow Web Jet Admin to
fleet manage this setting with XTP Tickets where reservation less scanning for
Network TWAIN is required.
➢ 49.4A.04 is seen when printing certain PDF files containing excessive numbers of
XObjects on one or more pages
➢ Error 49.4A.04 is seen when reprinting certain jobs from Corel Draw.
➢ The PCL commands to call barcode fonts does not work when using asterisks
➢ 49.38.07 error is seen when printing certain PDF jobs in duplex.
➢ Color mismatch while printing certain PDF documents and selecting the CMYK
profile in driver.
➢ Device stops responding to SNMP requests when we go to Device tab in WJA.
➢ USB volume name is not getting displayed correctly in Korean and other 2 byte
languages.
➢ Missing graphics on pages when printing certain PCL5 jobs.
➢ Improvements in small job print performance.
➢ Display brightness value is getting reset to default on a power cycle.
Security/Authentication:
➢ Resolved issue where aftermarket authentication agents utilizing the OXPd protocol
could inadvertently remove guest permissions to tabs (e.g. the Information tab) on
the EWS page.
➢ This firmware addresses the following security issue: CVE-2016-2183 – 3DES
TLS/SSL Birthday Attacks on 64-bit Block Ciphers (SWEET32) Vulnerability.
➢ Re-added web services (removed in FS 3.8) to allow HP Jet Advantage Security
Manager to manage the state of the Information tab in the embedded web server.
➢ Resolved redundant authentication prompts when accessing certain types of logs.
➢ This firmware addresses the following security issue: CVE-2017-2750 - Insecure
Solution DLL Signature Validation.
➢ Added support for G&D FIPS-201 SIPR smartcards that are provisioned without
encipherment certificates.
➢ When logging into the Embedded Web Server using Windows authentication, you
may not be able to see all the tabs or options that you have been granted access
to.
➢ This firmware addresses the following security issues: CVE-2017-13077:
Reinstallation of the pairwise encryption key (PTK-TK) in the 4-way handshake.
CVE-2017-13078: Reinstallation of the group key (GTK) in the 4-way handshake.
CVE-2017-13079: Reinstallation of the integrity group key (IGTK) in the 4-way
handshake. CVE-2017-13080: Reinstallation of the group key (GTK) in the group
key handshake. CVE-2017-13081: Reinstallation of the integrity group key (IGTK)
in the group key handshake.
➢ This firmware disables the "TFTP Configuration File" setting to prevent
unauthorized device resets.
Embedded JetDirect:
➢ Fixed "IP Address/Subnet is out of range. Check the field. IP=x.x.x.x
Mask=x.x.x.x" error given when an IP address was entered with zero for the host
number in the Access Control List.
➢ Buffers expanded to hold large DNS responses (70+ records). Previously only
about 7 or 8 records were accepted.
➢ Trying to connect via the FTP may fail with certain applications.
➢ Fixed an issue where Windows Authentication would hang the printer.
➢ Product was generating Certificate Signing Requests with version number other
than zero. RFC 2986 requires a version number of zero.
➢ Product was generating Certificate Signing Requests with version number other
than zero. RFC 2986 requires a version number of zero.
➢ Printer crashes with 81.09.00 Embedded Jetdirect Error message when user sets
Admin password from Telnet.
➢ Under certain circumstances during initial power-on, the DCHP Discover message
is sent without a hostname (option 81). This fix ensures that option 81 is always
present when applicable.
➢ The password input for "Import Certificate and Private Key" has been expanded
beyond 16 characters.
➢ Default name when saving a CSR (Certificate Signing Request) is no longer
"certificate.cer".
➢ Under certain ciccumstances the certificate validity check performed during the IKE
portion of IPsec was done with the local printer time and not UTC time.
➢ If a Jetdirect 2900w in installed and two different wired networks are connected to
the printer (one on the JD 2900w and one on the Jetdirect Inside connection), then
it was possible (under certain circumstances) for the entire printer to become
unresponsive.
➢ This fix prevents the printer from resetting the connection during an intervention
event (paper out, paper jam, etc.) when printing using the LPD protocol.
Previously, the connection would be reset after the TCP Idle Timeout had expired.
Now it will wait indefinitely.
➢ The firmware had trouble parsing a long list of "additional records" in a DNS SRV
response packet. This fix prevents the problems which were causing the device to
crash with a 49.38.07 error code.
➢ Do not respond to pings during the DHCP process (after DHCP Discover).
➢ Retry 802.1x EAP Start process if unsolicited Request Identity is received after
connecting to unsecured network.
➢ IPP attribute "printer state" is not returning the correct state when printing a port
9100 job.
➢ Updates to HTTPS communications for embedded aftermarket solutions.
➢ Some SSL requests from embedded solutions would fail due to corruption of the
destination URL.
➢ Printer is showing offline after registering to Google Cloud Print.
Current firmware revisions included in this firmware bundle:
DEVICE FIRMWARE REVISION
COMPONENT
FIRMWARE VERSION
HP Color LaserJet M651SERIES
Firmware Datecode: 20171213
Firmware Revision: 2308937_578497
Embedded JetDirect:
JDI230900012
DC Controller:
5.48
Loading...