QNAP has addressed a number of vulnerabilities and concerns with the release of QNAP QTS 4.1.4.
QTS4.1.4 build 0910
[Bug Fixes]– Fails to list files in File Station.
– Fixed potential CGI vulnerabilities. Users are advised to upgrade their NAS firmware with this release.
– Fixed Change Password vulnerability.
– Fixed Apple Networking vulnerability.
– Fixed multiple OpenSSH vulnerabilities (CVE-2015-5600 and other three).
– An Out-of-Memory message will appear in the system logs and call a trace error in the kernel log when cloning a VM via iSCSI (from a file-based thick LUN to itself).
– When the number of LUNs exceed 70, it may take a long time to display information on the overview page.
– The NAS will be unstable if enabling the domain controller and changing Windows ACL permissions.
– TS-x31 series models will sometimes fail to find an attached Netis WF2110.
– Shared folders could not be downloaded by share link in File Station if they are password protected with a password over 6 characters in length.
– Backing up files over 40GB to QTS 4.1.4 via FTP causes data inconsistency.
– FileZilla will show error logs when transferring 24GB of data to the NAS with SSL/TLS.
– Missing port number on share link in Qvideo for Windows Phone.
– Shows proftpd segfault message when executing the SSH command: /etc/init.d/nvrd.sh restart.
– TVS-ECx80U-RP series models cannot have jumbo frames set to 9000.
– The NAS still shows the “QTS Beta test program” window.
– Performance will be affected when copying big files to a block-based thick LUN with 4K byte sector size via 10GbE (iSCSI).
– A volume created in QTS 4.1.x cannot be removed in QTS 4.2.0.
– Storage iostat write problem in Veeam Backup.
– If you check then uncheck the SMB Encryption option in shared folders, the option will still be checked.
– Streaming images from the TS-269H to Chromecast using File Station will fail to show the image.
– A fixed IP will not be set after pushing the Reset button for three seconds.
– We recommend that you upgrade the built-in PHP by downloading the PHP app 5.5.27 (or newer) from the App Center to address multiple vulnerabilities. Please follow the automatic notifications to ensure your PHP is always current.To ensure reliability, users should check for compatibility before upgrading.
– We recommend that you upgrade the built-in MySQL by downloading the QMariaDB app 5.5.44 (or newer) from the App Center to address multiple vulnerabilities. Please follow the automatic notifications to ensure your QMariaDB is always current. To ensure reliability, users should check for compatibility before upgrading.