UPDATE 25/05/2021 - v1.2.5-8225 have been recalled and replaced with v1.2.5-8227. This update has been recalled on May 25, 2021, due to an issue on time synchronization. The issue has been fixed in SRM 1.2.5-8227.
UPDATE 12/05/2021 - update went with 0 problems on my RT2600+MR2200 mesh setup
Today we got another SRM update from Synology. Long list I must say with lot of fixes and security patches including a fresh one from today as well. More info on Synology-SA-21:19 SRM.
Here is the update for the current 8227 update:
- This update includes fixes to the following issues found in SRM 1.2.5-8225.
- Fixed an issue where time synchronization with the NTP server might fail after a reboot under certain circumstances.
- Fixed an issue where the databases of IP geolocation and threat intelligence were restored to earlier versions after SRM updates, causing Safe Access to block wrong IP addresses.
Here is the log for the new (8225) update:
- The update will be available for selected regions within the following weeks, although the release time in each region may vary slightly.
- Supports deploying a mesh Wi-Fi system with low-band 5 GHz uplinks if 5GHz DFS channels are not available.
- Added support for automatic updates of OS-version dependent packages when SRM is updated manually.
- Updated the system to comply with the latest Wi-Fi connection laws in Indonesia.
- Added support for customized IPv6 addresses in the local network.
- Added several types of collectible information over SNMP.
- Updated the API used for sending emails to Gmail accounts.
- Updated dnsmasq to version 2.85.
- Fixed the DHCP issues related to IPTV services of Telfort, XS4ALL, and KPN in the Netherlands.
- Fixed an issue where SRM might not be able to transfer IEEE 1905.1 packets.
- Fixed an issue where the guest network's default traffic policy could not be applied to guest Wi-Fi clients that are connected to additional Wi-Fi points.
- Fixed an issue where SRM's current channel might be displayed incorrectly when a DFS channel was selected manually.
- Fixed an issue where DFS channels might still be used when the option "Allow auto-switch to DFS channels" was not enabled.
- Fixed an issue on traffic control: When an MR2200ac was assigned a traffic priority rule and then added to a mesh Wi-Fi system, its traffic priority rule could not be removed.
- Fixed an issue where client devices could not be remotely started up via WOL when SRM was under the Wireless AP (bridge) mode.
- Fixed an issue where a future time might be displayed in Log Center if the correct NTP information could not be obtained.
- Fixed an issue where automatic updates of system databases might fail if SRM's system time was incorrect (e.g., a future time).
- Fixed an issue where SRM didn't show reminder messages when hostnames at the DHCP Reservation tab contained illegal characters.
- Fixed an issue where updates of system databases might fail when the system storage was full of dhcp-client logs.
- Fixed an issue where a failure message was displayed in advance when the registration of Let's Encrypt certificate was still in progress.
- Fixed an issue where Smart WAN failovers and failbacks could not be logged.
- Fixed an issue where NAT loopback rules became invalid when a Smart WAN failback was executed.
- Fixed an issue where gateway and DNS information might not be displayed properly in Network Center when a PPPoE connection was established with "Auto" IPv6 enabled.
- Fixed an issue where the status of IPv6 might be shown as "disabled" when an IPv6 PPPoE connection was established.
- Fixed an issue where 6in4 required a public IP address.
- Fixed an issue where Internet connections established via MAP-E might fail after Synology Router was restarted.
- Fixed an issue where SRM didn't show a reminder message if an external storage device containing archived logs was about to be removed.
- Fixed an issue where source IP addresses of failed login attempts might not be displayed in Log Center.
- Fixed an issue where SRM updates might fail when a shared folder name contained whitespace characters.
- Fixed an issue where SRM updates might be unavailable on the GUI due to incorrect detection of storage capacity.
- Fixed an issue where automatic updates of Threat Prevention's signature database might fail if system database settings in Control Panel were modified.
- Fixed an issue where SD cards and USB devices were still recognized as formattable devices in Control Panel when they were read-only.
- Fixed an issue where SRM didn't show reminder messages when the system storage was full of auto-block IP data.
- Fixed an issue where the tab names at Control Panel > System could not be fully displayed when the display language was French.
- Fixed an issue where logs might be repeatedly archived after Synology Router was restarted.
- Fixed an issue where Smart WAN load balancing might not work properly when changes were made to interface priority.
- Fixed an issue where Internet traffic might be double-calculated in traffic reports.
- Fixed an issue where the IPv6 address of DDNS hostname might be displayed incorrectly.
- Fixed an issue where DDNS updates might be unavailable if the update failed once.
- Fixed an issue where the time of some regions might not be displayed correctly.
- Fixed multiple security vulnerabilities regarding OpenSSL (CVE-2020-1968, CVE-2020-1971, CVE-2021-23840, and CVE-2021-23841).
- Fixed multiple security vulnerabilities regarding wireless protocols (CVE-2020-24588, CVE-2020-24587, CVE-2020-24586, CVE-2020-26146, CVE-2020-26145, CVE-2020-26141, CVE-2020-26140, CVE-2020-26143, CVE-2020-26147, CVE-2020-26139, CVE-2020-26144, CVE-2020-11301).
- Fixed a security vulnerability regarding Kerberos 5 (CVE-2020-28196).
- Fixed a security vulnerability regarding GeoIP databases (CVE-2020-28241).
- Fixed a security vulnerability regarding nDPI (CVE-2020-15476).
- Fixed multiple security vulnerabilities regarding tcpdump (CVE-2018-19325 and CVE-2019-15165).
- Fixed a security vulnerability regarding Linux kernels (CVE-2019-15666).
- Fixed multiple security vulnerabilities (Synology-SA-21:19).
Known Issues & Limitations
- Google Cloud Print will not be available on SRM 1.2.5 and above.
- SRM 1.2 will be the last upgradable version for RT1900ac. RT1900ac will continue to receive critical and security updates until further notice.
On top of this, Today we got an update for the VPN Plus and Safe Access packages. VPN pacakge has "up to 47% increase in SSL VPN performance" according to Synology, while Safe Access has gotten a new feature, backup & restore. In case you want to migrate from one router to the other, you can now backup and restore your SA configuration.
Finally, do make a note that if you are running RT1900AC router (from 2015) this will be the final feature update for this model. I myself do have one still around and it just finished updating without any problems.
My main 2600+2200 mesh will be updated later today. Hopefully that will also be as painless as this.