Synology Package Updates Galore

Synology released a dozen updates to their packages last week.

Updates include:

Note Station

Note Station was updated to version 1.1-0211 and includes the following fixes:

  1. Fixed a security issue to prevent cross-site scripting (XSS) attacks.
  2. Enhanced the stability of capturing web content using Synology Web Clipper.
  3. Enhanced the stability of inserting images to notes.
  4. Fixed an issue where the feature of DSM timeout might fail if the todo badge is enabled.
  5. Minor bug fixes.

I’ve had problems related to numbers 2 and 3 so I’m hoping things will improve with this update. Neither was reproducible on demand (for me) but initial use is encouraging.

Anti-Virus Essential

Anti-Virus Essential was updated to version 1.3-2342. There’s only one fix but it’s critical if you use this package. They fixed an issue where uninfected DSM system files may be removed by Antivirus. You’ll also want to make sure the latest DSM is installed so any problems this bug caused will be fixed.

Video Station

Video Station was update to version 1.5-0763 which includes a couple security fixes.

  1. Fixed a security issue to prevent potential SQL injection attacks.
  2. Fixed a security issue to prevent potential command injection attacks.

Download Station

Download Station was update to version 3.5-2967 with the following fixes:

  1. Fixed a security issue to prevent cross-site scripting (XSS) attacks.
  2. Fixed an issue where users belonging to the administrators group have limited quota when downloading files.
  3. Fixed an issue where download might not work when BT filenames contain special characters or non UTF-8 encoded characters.
  4. Fixed an issue where copying files from subfolders might fail.
  5. Fixed an issue where download tasks from Mega might fail.

Cloud Station

Cloud Station was updated to version 3.2-3484 which fixes an issue that might prevent successful sync resumption.

Agent installs on Windows and Mac computers will automatically update. If you run the Cloud Station client on the Synology NAS itself then see the next update.

Cloud Station Client

The Cloud Station Client package was updated to version 3.2-3484 which includes two fixes:

  1. Fixed a security issue with cross-site scripting.
  2. Fixed an issue that might prevent sync resumption.

DNS Server

The DNS Server package was updated to version 1.1-0080 which upgraded bind9 to 9.9.7-P3 to address multiple vulnerabilities (CVE-2015-5477, CVE-2015-5722, and CVE-2015-5986).

Drupal

The Drupal package was updated to version 7.39-0039 to address multiple vulnerabilities (SA-CORE-2015-003).

Mail Station

Mail Station was updated to package version 20150827-0225 which upgraded Mail Station to version 1.1.2 to address multiple vulnerabilities (CVE-2015-5381, CVE-2015-5382, CVE-2015-5383).

Media Wiki

Media Wiki was updated to version 1.23.10-0029 with the only listed change as Upgraded to version 1.23.10.

Python Module

The Python module provides supplemental extensions for Python 2 which may be needed by some programs. It was updated to version 0008 with two listed changes.

  1. Upgraded to be compatible with Odoo 8.
  2. Minor bug fixes.

SVN

The SVN package received a security update to version 1.9.0-0031 which upgraded to version 1.9.0 to address multiple vulnerabilities (CVE-2015-3187, CVE-2015-0248, CVE-2015-0251).

Leave a Reply

Your email address will not be published. Required fields are marked *