Today Synology pushed out a new DSM version, 7.1.1-42951. This release is covering a large number of security patches as well as a few new features, and small updates.
Version: 7.1.1-42951 Release Candidate
- Starting from this version, the bad sector count column will not be displayed along with hard drive information. Users should go to each drive's Health Info > History to view its complete bad sector information. To determine whether bad sectors are affecting the drive, see if there's a significant increase in the number of bad sectors over time.
- Adjusted how the system calculates M.2 NVMe SSD'S estimated lifespan to provide a more accurate estimation.
- Added support for recipient profiles for email notifications, allowing users to add multiple email addresses under each profile and customize rules for the profiles.
- Users can now enable the quota setting for shared folders that are located on volumes with data deduplication enabled.
- Added support for RAID arrays with 16 and 20 hard drives when creating RAID groups.
- Supports checking the 2-factor authentication status of user accounts at Control Panel > User & Group > Users.
- Fixed an issue where the "Enable UID/GID shifting" setting would be deactivated after modifying the time interval for updating the user/group list on an LDAP client.
- Fixed multiple security vulnerabilities regarding CIFS-utils (CVE-2022-27239, CVE-2022-29869).
- Fixed a security vulnerability regarding OpenLDAP (CVE-2022-29155).
- Fixed a security vulnerability regarding cURL (CVE-2022-22576).
- Fixed a security vulnerability regarding Zlib (CVE-2018-25032).
- Fixed a security vulnerability regarding Freetype (CVE-2022-27406).
- Fixed multiple security vulnerabilities regarding 802.1X (CVE-2021-30004, CVE-2021-30266).
- Fixed multiple security vulnerabilities regarding GNU C Library(CVE-2021-43396, CVE-2022-23218, CVE-2022-23219).
- Fixed multiple security vulnerabilities regarding YAML-cpp (CVE-2018-20573, CVE-2018-20574, CVE-2019-6285).
- Fixed multiple security vulnerabilities regarding Linux Kernel (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2020-12770, CVE-2019-18282, CVE-2019-19527, CVE-2019-19532, CVE-2019-19537, CVE-2021-0605, CVE-2021-3732, CVE-2021-3739, CVE-2021-3753, CVE-2021-4149, CVE-2021-4203, CVE-2021-20317, CVE-2021-20321, CVE-2021-20322, CVE-2021-29154, CVE-2021-29650, CVE-2021-34556, CVE-2021-35477, CVE-2021-39633, CVE-2021-39698, CVE-2021-45868, CVE-2022-0185, CVE-2022-0330, CVE-2022-0617, CVE-2022-0847, CVE-2022-1011, CVE-2022-1048, CVE-2022-1055, CVE-2022-1353, CVE-2022-20008, CVE-2022-27666, CVE-2022-28893, CVE-2022-29582).
- Updated OpenSSL to version 1.1.1o to fix multiple security vulnerabilities (CVE-2022-1292, CVE-2021-3712, CVE-2022-0778).
- Updated libarchive to version 3.6.1 to fix multiple security vulnerabilities (CVE-2021-36976, CVE-2022-26280).
- Updated Mbed-TLS to version 2.28 to fix multiple security vulnerabilities (CVE-2021-44732, CVE-2021-45450, CVE-2021-43666).
- Updated Python to version 3.8.12 to fix multiple security vulnerabilities (CVE-2021-3733, CVE-2021-3737, CVE-2022-0391).
- Updated Redis to version 6.2.7 to fix multiple security vulnerabilities (CVE-2022-24735, CVE-2022-24736).
- Updated ISC DHCP to version 4.4.3 to fix a security vulnerability (CVE-2021-25217).
- This version is released in a staged rollout.