QNAP Releases QTS 4.1.4 Build 0804

QNAP has recently released QTS 4.1.4 Build 0804 that addresses a number of vulnerabilities and fixes.

[Bug Fixes]

– Fixed PPP vulnerabilities (CVE-2015-3310, CVE-2014-3158).

– Fixed OpenSSL vulnerabilities (CVE-2015-4000, CVE-2015-1788, CVE-2015-1789, CVE-2015-1790, CVE-2015-1791, CVE-2015-1793 and CVE-2015-1792).

– Fixed a CGI vulnerability that could lead to unauthorized execution of arbitrary codes by remote users.

– Fixed the Logjam vulnerability (CVE-2015-4000) in Apache, ProFTPD, and OpenVPN.

– Fixed XSS vulnerabilities for the “Edit Account Profile” page, File Station, Syslog Viewer and System Connection Logs.
– Fixed the POODLE vulnerability (CVE-2014-3566) in ProFTPD.
– The system fails to convert between UIDs and GIDs from DCs and AD DCs.

– The system fails to initiate the Smart Fan when HDDs are overheating.

RAM usage abnormally spikes when domain users log in and log out.

– The system fails to load Pixlr Editor.

– The system fails to fetch the directory ID for folder permissions in File Station.

– The system does not show the correct message after users manually stop LUN snapshot tasks.

– The system fails to sync the recycle bins between the source and destination in a RTRR task.

– The system fails to fetch the entire IP address when users share files in File Station.

– The system fetches an incorrect photo timestamp.

– The system fails to store data in the correct location, causing ram disk full errors when using Twonky Media server.

– The system fails to identify special characters (ex. @#$) in domain group names.

– The system fails to fetch passwords if they contain “<” (ex. H

– The system fails to identify a local IP, causing file sharing to fail in File Station if users log in from a non-gateway LAN port.

– The system rebuilds shared folders each time the folder property is changed, causing File Station to hang.

[Enhancement] – Support the write cache emulation option in iSCSI to improve performance.

[Note]

– We recommend that you upgrade PHP to the latest version by downloading it from the App Center since this version addresses multiple vulnerabilities. To ensure reliability, users should check for compatibility before upgrading.

– We recommend that you upgrade MySQL to the latest version by downloading QMariaDB from the App Center since this version addresses multiple vulnerabilities. To ensure reliability, users should check for compatibility before upgrading.

About Joe D

I have always had a passion for everything computing. In early 2000, I decided to take my passion to the web. Thus, C.O.D. was born. Through the years we have made many great friends at C.O.D. and hope to continue our journey for years to come.

Check Also

QNAP Launches AMD-powered 10GbE TS-x63U

QNAP® Systems, Inc. today announced the new business-class AMD-powered quad-core TS-x63U series NAS; available in 4, 8 and 12-bay models with single and redundant power supply options. The TS-x63U series provides 10GbE network connectivity with its single-port SFP+ network adapter, and supports bridging 1GbE devices to a 10GbE network with its four built-in GbE interfaces. Coupled with an AES-NI hardware-accelerated encryption engine, SSD cache support, and flexible scalability; the TS-x63U series is ideal for SMBs looking for backup, restoration, virtualization storage, private cloud, and to future-proof their IT infrastructure for 10GbE networks.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.