The big security news for the month was the Meltdown and Spectre vulnerabilities. Synology has yet to release an update that addresses these vulnerabilities, which in retrospect, is a good thing. The update released by Intel (to be used by all their OEMs) has had problems, and Intel has withdrawn the update and Microsoft has provided tools to disable the update.
Synology last updated their Meltdown/Spectre security bulletin back on January 9th. At this point, it only lists the Synology products that are affected.
There were two additional security bulletins released in January. Both identify vulnerabilities that have been resolved in package updates.
A Photo Station vulnerability is addressed in Synology Security Bulletin SA-18:02. If you use Photo Station 6.8, then update to 6.8.3-3463 or above. If you use Photo Station 6.3, you should upgrade to 6.3-2971 or above.
A Note Station vulnerability was addressed in Synology Security Bulletin SA-18:03 and is fixed by upgrading to 2.5.1-0844 or above.