Synology heeft snel een patch gelanceerd voor het heartbleed probleem. Je vindt hem als Update 2 in je DSM.
Als toevoeging laat Synology nog wel het volgende weten:
“DSM 5.0 Secured Against OpenSSL Heartbleed Vulnerability
Please update your DiskStation via the control panel. Release notes can be found here: http://bit.ly/1n8hRz6
*Please note that this update is only for DSM 5.0, previous version updates will be released soon.
MyDS servers have been patched and are safe for use, however we recommend users change their passwords. We value your data security and will continue to take security measures to prevent malicious attacks. If you need help with your systems after upgrading to the latest DSM version or have any further questions, please contact security@synology.com”
Hieronder de Release Notes:
(2014/04/10)
Change Log
- Fixed a critical security issue of OpenSSL (heartbleed) to prevent secret keys from being compromised. (CVE-2014-0160)
- Enhanced the reliability of moving shared folders to different volumes.
- Fixed a security issue causing encrypted shared folders to be mounted automatically after resetting the admin’s password by pressing the reset button.
- Fixed an issue causing system services and applications to possibly stop working.
- Fixed an issue causing files indexing in Media Library to possibly stop working.
- Fixed an issue preventing users from logging into FTP service when Personal Website was enabled and the homes shared folder was located on an ext3 volume.
- Fixed an issue causing hard drives to not hibernate when SSD read-write cache was enabled.