UPDATE: 22/09/2022 - new update 1 has been released for the 42962 version. Details below

Version: 7.1.1-42962 Update 1


Important notes

  1. Your Synology NAS may not notify you of this DSM update because of the following reasons. If you want to update your DSM to this version now, please click here to update it manually.
  • Your DSM is working fine without having to update. The system evaluates service statuses and system settings to determine whether it needs to update to this version.
  1. Depending on your Synology NAS model, this update will restart the device.

Fixed Issues

  1. Fixed an issue where users might not be able to change the desktop background.
  2. Fixed an issue where volumes might become read-only due to data block allocation problems.
  3. Fixed an issue where LUN backup tasks in Hyper Backup might fail after updating DSM 7.1.1.

Today we got a new version of DSM, 7.1.1-42962. Following last month's release candidate of this version, now we got the official one out.

It will be released in a staged rollout, so if you want it now, you need to do it manually using the Download Center page on the Synology website.

This is a massive security release so if your production system is running on DSM 7.1, it would be highly advisable to update to this patch level.

Latest version patched

Version: 7.1.1-42962


Important Notes

  1. Starting from this version, the bad sector count column will not be displayed along with hard drive information. Users should go to each drive's Health Info > History to view its complete bad sector information. To determine whether bad sectors are affecting the drive, see if there's a significant increase in the number of bad sectors over time.
  2. Adjusted how the system calculates the estimated lifespan for M.2 NVMe SSDs to provide a more accurate estimation.
  3. Support for AAC encoded audio is widespread across end devices like smartphones, tablets, computers, and the majority of other media playback devices. The need for AAC transcoding to achieve better compatibility has significantly diminished and will be removed starting with DSM 7.1.1.
  4. Surveillance Station must be updated to version 9.0.1- 7673 or above to be compatible with this update.

What’s New

  1. Added support for recipient profiles for email notifications, allowing users to add multiple email addresses under each profile and customize rules for the profiles.
  2. Users can now enable the quota setting for shared folders that are located on volumes with data deduplication enabled.
  3. Added support for RAID arrays with 16 and 20 hard drives when creating RAID groups.
  4. Supports checking the 2-factor authentication status of user accounts at Control Panel > User & Group > Users.
  5. Added support for SR-IOV on the following the Synology network interface cards: E10G21-F2, E25G21-F2.

Fixed Issues

  1. Fixed an issue where the "Enable UID/GID shifting" setting would be deactivated after modifying the time interval for updating the user/group list on an LDAP client.
  2. Fixed multiple security vulnerabilities regarding CIFS-utils (CVE-2022-27239, CVE-2022-29869).
  3. Fixed a security vulnerability regarding OpenLDAP (CVE-2022-29155).
  4. Fixed a security vulnerability regarding cURL (CVE-2022-22576).
  5. Fixed a security vulnerability regarding Zlib (CVE-2018-25032).
  6. Fixed a security vulnerability regarding Freetype (CVE-2022-27406).
  7. Fixed multiple security vulnerabilities regarding 802.1X (CVE-2021-30004, CVE-2021-30266).
  8. Fixed multiple security vulnerabilities regarding GNU C Library(CVE-2021-43396, CVE-2022-23218, CVE-2022-23219).
  9. Fixed multiple security vulnerabilities regarding YAML-cpp (CVE-2018-20573, CVE-2018-20574, CVE-2019-6285).
  10. Fixed multiple security vulnerabilities regarding Linux Kernel (CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2020-12770, CVE-2019-18282, CVE-2019-19527, CVE-2019-19532, CVE-2019-19537, CVE-2021-0605, CVE-2021-3732, CVE-2021-3739, CVE-2021-3753, CVE-2021-4149, CVE-2021-4203, CVE-2021-20317, CVE-2021-20321, CVE-2021-20322, CVE-2021-29154, CVE-2021-29650, CVE-2021-34556, CVE-2021-35477, CVE-2021-39633, CVE-2021-39698, CVE-2021-45868, CVE-2022-0185, CVE-2022-0330, CVE-2022-0617, CVE-2022-0847, CVE-2022-1011, CVE-2022-1048, CVE-2022-1055, CVE-2022-1353, CVE-2022-20008, CVE-2022-27666, CVE-2022-28893, CVE-2022-29582).
  11. Updated OpenSSL to version 1.1.1o to fix multiple security vulnerabilities (CVE-2022-1292, CVE-2021-3712, CVE-2022-0778).
  12. Updated libarchive to version 3.6.1 to fix multiple security vulnerabilities (CVE-2021-36976, CVE-2022-26280).
  13. Updated Mbed-TLS to version 2.28 to fix multiple security vulnerabilities (CVE-2021-44732, CVE-2021-45450, CVE-2021-43666).
  14. Updated Python to version 3.8.12 to fix multiple security vulnerabilities (CVE-2021-3733, CVE-2021-3737, CVE-2022-0391).
  15. Updated Redis to version 6.2.7 to fix multiple security vulnerabilities (CVE-2022-24735, CVE-2022-24736).
  16. Updated ISC DHCP to version 4.4.3 to fix a security vulnerability (CVE-2021-25217).

Quite a long list of vulnerabilities so best not to skip it. I have updated several machines, including some virtual ones, and they all came up with zero issues.