Drupal had a major vulnerability at the end of March which Synology has finally released on April 18th. Synology covered this vulnerability in Synology Security Bulletin SA-18:17.
Drupal is the CMS that keeps on giving. Synology announced another severe Drupal vulnerability on April 26th. Synology Security Bulletin SA-18:18 has a new Drupal vulnerability. Synology rated this as “moderate” and already has an update available in Packages.
Synology patched a vulnerability in their SSL VPN Client. Synology Security Bulletin SA-18:19 has the information. If you run the SSL VPL Client, you should upgrade to version 1.2.4-0224 as soon as possible since Synology rates this vulnerability as important, which is their highest rating.
Synology has released a Beta for High Availability Manager 2.0.