Version : 5.0-4528

(2014/10/22)

What’s New

1. This hotfix includes all bug fixes as well as security fixes in the previously released critical updates since DSM 5.0-4458.
2. This hotfix will remove the current known malware on your Synology NAS.

Fixed Issues

1. Fixed two Linux kernel vulnerabilities that could allow local users to cause a denial of service resulting in uncontrolled recursion or unkillable mount process (CVE-2014-5471 and CVE-2014-5472).
2. Fixed one Linux kernel vulnerability that could allow local users to cause a denial of service or possibly gain privileges via a crafted application that triggers a zero count (CVE-2014-0205).
3. Fixed one Linux kernel vulnerability that could allow man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate (CVE-2014-6657).
4. Fixed one SNMP vulnerability where the improper validation of input could allow remote attackers to cause a denial of service (CVE-2014-2284).
5. Implemented minor fixes related to the ShellShock Bash vulnerabilities previously addressed in DSM 4493-05 updates (Bash 4.2-51, 4.2-52, and 4.2-53).

Version : 5.0-4493 Update 7

(2014/09/29)

Fixed Issues

1. Fixed a potential risk on Bash command shell (CVE-2014-6271 and CVE-2014-7169).

Version : 5.0-4493 Update 5

(2014/09/10)

Improvement

1. Improve the stability of file copy to encrypted shared folders.

Fixed Issues

1. Fixed a vulnerability that could allow servers to accept unauthorized access.

Version: 5.0-4493 Update 4

(2014/08/26)

Fixed Issues

1. Upgraded OpenSSL to Version 1.0.1i to fix multiple security issues (CVE-2014-0224, CVE-2014-0221, CVE-2014-0195, CVE-2014-0198, CVE-2010-5298, and CVE-2014-3470).
2. Implemented fixes for Kerberos 5 to address multiple security issues that allow remote attackers to cause a denial of service (CVE-2012-1013, CVE-2014-4341, CVE-2014-4342, CVE-2014-4344).
3. Fixed an issue where files with ACL attributes could become inaccessible after being loaded in large batches when DiskStation acts as an NFS server.
4. Fixed an issue where the restore might not be successful when containing multiple subfolders in Time Backup.
5. Fixed an issue where DHCP server service does not map to the correct VLAN interface if the service started before VLAN is enabled.

Version: 5.0-4493 Update 3

(2014/07/24)

Improvements

1. Improved the stability of volume expansion.

Fixed Issues

1. Fixed two SAMBA vulnerabilities which allowed remote attackers to use the weaknesses to perform DoS attacks (CVE-2014-0244, CVE-2014-3493).
2. Fixed an issue which prevented users from being able to log into DSM after completing QuickConnect Wizard after a fresh DSM installation.
3. Fixed an issue causing slow response time in DSM on the early version of RS10613xs+ when too many concurrent connections were active.