QNAP QTS 4.2.4 build 20170313

  • Hi,


    Es gibt mal wieder ein Update.... DL wie immer bei qnap.de>support>downloadcenter



    QTS 4.2.4 Build 20170313


    [Bug fixes]

    - Fixed an issue where an error message would appear when the Docker Certificate expired due to users manually setting the time forward.
    - Fixed an issue where RTRR FTP backup jobs would not accept passwords that contained more than 16 characters.
    - Fixed an issue where users could not upload files larger than 4 GB in File Station when using Internet Explorer 11.
    - Fixed an issue where bluetooth devices would disappear from the device list after Container Station was installed and enabled.
    - Fixed an issue where users could not connect a Mac to the NAS when using L2TP/IPsec VPN service.
    - Fixed an issue where the System Logs would incorrectly display VPN connections as PPTP when PPTP was enabled.
    - Fixed an issue where unexpected errors would occur when key combinations were used consecutively in HybridDesk Station.
    - Fixed an issue where users could not use Affinity Photo to edit the photos in NAS shared folders mounted on OS X via AFP.
    - Fixed an issue where the system would not automatically check for available firmware updates when users logged in after setting the date format as DD/MM/YYYY.
    - Fixed a configuration file vulnerability that could be exploited to compromise the security of sensitive data. (CVE-2017-5227)
    - Fixed an Apache HTTP Server vulnerability that could be exploited to deny requests to a server. (CVE-2016-8740)
    - Fixed a stack overflow vulnerability that could be exploited to gain control of the EIP register.
    - Fixed a SQL injection vulnerability that could be exploited to execute arbitrary SQL commands
    - Fixed a command injection vulnerability in transcoding that could be exploited to execute unauthorized commands.
    - Fixed a heap overflow vulnerability.
    - Fixed a cross-site scripting vulnerability that could be exploited to inject arbitrary JavaScript commands.
    - Fixed 2 stack overflow vulnerabilities that could be exploited to cause segmentation faults and gain control of the EIP register.
    - Fixed a command injection vulnerability in transcoding that could be exploited to gain the administrator privileges and execute unauthorized commands
    - Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6361)
    - Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6359)
    - Fixed an access control vulnerability that would incorrectly restrict authorized user access to resources.
    - Fixed 2 stack overflow vulnerabilities.

    Grüße
    ...jp


    DM900 / OE2.5 Experimental ... und sehr glücklich damit :)

    Einmal editiert, zuletzt von juanito_perez ()

  • Danke JP. Vielleicht nochmal den Titel Beitrags anpassen, damit es beim Lesen klar wird, dass es um Qnap Firmware geht :)

  • Hi,


    schon angepasst, Danke für den Hinweis :)


    PS: Installation hat auf meiner QNAP problemlos geklappt.

    Grüße
    ...jp


    DM900 / OE2.5 Experimental ... und sehr glücklich damit :)

  • Update!


    4.2.5 build 20170413
    [Fixes]

    - Fixed multiple network vulnerabilities in QTS.
    - Fixed an issue where an error message would occur when users created a RADIUS client whose name contained the symbol "_".
    - Fixed an issue where unexpected error entries would appear in SMB logs when users connected to NAS shared folders via SMB.

    Grüße
    ...jp


    DM900 / OE2.5 Experimental ... und sehr glücklich damit :)