Synology Security Synology-SA-22:01 DSM

Currently reading
Synology Security Synology-SA-22:01 DSM

Telos

Subscriber
2,154
698
NAS
DS418play, DS213j, DS3622+, DSM 7.1.4-11091
Last edited:
I recommend waiting a month to install this update, due to Synology's egregious pattern of recalling updates and then re-releasing patched updates with the same build number.

When that happens, early adopters are unable to install the corrected patch. And we know that Synology's first patch release often introduce new deficiencies. I, for one, am stuck on a "release 2" version that was twice replaced. But I'll not repeat that, jumping to an early "release 3" build.

It's my hope that some here who have a relationship with Synology would use their influence to end this poor practice of releasing "patched" patches without advancing the build number.
 
179
26
NAS
DS 718+, DS 720+
Router
  1. RT2600ac
Operating system
  1. Windows
Mobile operating system
  1. iOS
Agree with Mr. T. I have encountered just what he has explained!!! A couple times!
P.S.: This is the second time in a week that DSM or SRM updates are posted here, first -- before seen at Synology Forum!!
 
175
83
NAS
DS218+ 8GB RAM, DS212
Operating system
  1. Windows
Mobile operating system
  1. Android
  2. iOS
Not even being offered on my DS218+ yet, haven't checked my DS212 yet.
1641923156222.png
 

Rusty

Moderator
NAS Support
4,773
1,396
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
The irony being that for security patches you should be implementing them fairly smart-ish on production devices, after testing on non-production devices, if they are exposed by the vulnerabilities.
Agreed, but due to recent MO by Syno when it comes to their patches, I never put new patches on day1 on PROD... just in case. Can't shake the feeling that this new "will be deployed in different regions..." policy means, let's buy some weeks by pushing the patch to the masses and see what will go wrong. Then we will patch some more and then we will do a mass rollout.
 

fredbert

Moderator
NAS Support
Subscriber
3,262
1,292
NAS
DS1520+, DS218+, DS215j
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Well indeed. It's definitely worth reading the release notes to determine if it relates to anything you use... if you don't use a fixed/patched feature then probably it's worth not updating, at least not right away.

You know those bugs when the male often gets eaten by its mate:
  • The bug is us
  • The mate is Synology's software release and QA
  • And the rest of the bug eating world are hackers
 

Rusty

Moderator
NAS Support
4,773
1,396
www.blackvoid.club
NAS
DS718+, DS918+, 2x RS3614RPxs+
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
if you don't use a fixed/patched feature then probably it's worth not updating
Exactly. This is my mindset as well. I only patch if there are obvious security problems that might bite me, and features that I might use/were fixed.

Nothing but to sit and wait now.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Synology Security Synology-SA-21:25 DSM
Multiple vulnerabilities allow local users to execute arbitrary commands via a susceptible version of...
Replies
0
Views
563
Synology Security Synology-SA-21:22 DSM
That appears to be addressed in DSM 6.2.4-25556 Update 2 If I interpret this correctly, Fixed in DSM...
Replies
2
Views
925
Synology Security Synology-SA-21:03 DSM
New DSM version available: DSM 6.2.4-25554 Link to model-specific update files: 6.2.4-25554 :coffee:
Replies
1
Views
770
Synology Security Synology-SA-20:26 DSM
Multiple vulnerabilities allow remote attackers to execute arbitrary code via a susceptible version of...
Replies
0
Views
1,280
Synology Security Synology-SA-20:18 DSM
Multiple vulnerabilities allow remote attackers to conduct man-in-the-middle attacks via a susceptible...
Replies
0
Views
582
Synology Security Synology-SA-20:06 DSM
Multiple vulnerabilities allow remote authenticated users to conduct denial-of-service attacks or obtain...
Replies
0
Views
687
Replies
2
Views
1,012

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Top