Synology released an update for the older DSM 5.2 earlier this week. This update is chock-full of security updates so if you’re still on DSM 5 you should make time to install this update as soon as possible. The full version number is 5.2-5967-1 and it fills the following holes:
- Upgraded NTP to 4.2.8p7 to address multiple vulnerabilities (CVE-2016-1547, CVE-2016-1548, CVE-2016-1549, CVE-2016-1550, CVE-2016-1551, CVE-2016-2516, CVE-2016-2517, CVE-2016-2518, CVE-2016-2519)
- Upgraded OpenSSL to 1.0.1t to address multiple vulnerabilities (CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2176)
- Before the official patch is released, workaround is applied to mitigate multiple vulnerabilities of ImageMagick module (CVE-2016-3714, CVE-2016-3715, CVE-2016-3716, CVE-2016-3717, CVE-2016-3718).