Download Station 3.5-2963

Severity
Status
Resolved

Description

Download Station 3.5-2963 includes the security fix to address the following security vulnerability:

  • The vulnerability that allows an attacker to recover the private key when using Rabin-Williams signatures, which might leak the private information of users.(CVE-2015-2141)

Resolution

To fix the security issue, please go to DSM > Package Center, install the latest version 3.5-2963 of Download Station package to protect DiskStation from malicious attacks.

Note

For the following models, please go to DSM > Package Center, install the latest version 3.5-2490 of Download Station package to protect DiskStation from malicious attacks: DS109, DS209, DS409, DS409slim, DS109+, DS209+, DS209+II, DS409+, DS509+, and RS409(RP)+.