Synology Product Security Advisory

Protecting Security Information

To ensure information security, synology advises you to encrypt messages to report a vulnerability by sending emails to security@synology.com.

1. Obtain PGP

You can obtain PGP tool from OpenPGP. In addition, GnuPG is free and available.

2. synology Product Security key

ECC

pub ed25519/E9FE2B61 2016-07-01 [expires: 2021-06-30] 7A93B308018161BB2C476A5972D43FD6E9FE2B61 uid Synology Security Team <security@synology.com> sub cv25519/E41E349B 2016-07-01 [expires: 2021-06-30] -----BEGIN PGP PUBLIC KEY BLOCK----- mDMEV3Y/OBYJKwYBBAHaRw8BAQdAuriCxCHn5pv5c5YWaqQpwrC57z4ePvRa5EfZ LYy6eXi0LlN5bm9sb2d5IFNlY3VyaXR5IFRlYW0gPHNlY3VyaXR5QHN5bm9sb2d5 LmNvbT6IlgQTFggAPhYhBHqTswgBgWG7LEdqWXLUP9bp/ithBQJXdj84AhsDBQkJ ZgGABQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEHLUP9bp/ithtuUA/iKuCY/D 1z76/+Vbe7UT7KrRiNA9kjxNHUpgqqYGOx+AAP46ZjajLp0QzDl/ZF6VYwODtFtA zwa5QS05eiWmTnCICrg4BFd2PzgSCisGAQQBl1UBBQEBB0AaazZz4JCGxDmaL29J oyFrpERp7XGs4sC/pnRGOOZwMwMBCAeIfgQYFggAJhYhBHqTswgBgWG7LEdqWXLU P9bp/ithBQJXdj84AhsMBQkJZgGAAAoJEHLUP9bp/ith39sBAP115/7xTbYWvQ3C oi1dlqp4jBggkFgIaMbMgn8xr+tUAQCAYO5XDnORUlAMRue9rnDl7Xpii6FZ5Zd3 FlFJoTaVCQ== =W2DQ -----END PGP PUBLIC KEY BLOCK-----

RSA

pub rsa4096/CDCD96DD 2016-07-01 [expires: 2021-06-30] 7187F8E11AC0A1D5EBDB53CA3F036844CDCD96DD uid Synology Security Team <security@synology.com> sub rsa4096/15EB6095 2016-07-01 [expires: 2021-06-30] -----BEGIN PGP PUBLIC KEY BLOCK----- mQINBFd2P2sBEACzGbm+AQoI6eyqTl/BZ3vTdbeJiR3V+6wlzKwl2SAx3m3UpQGj ZYLMpFS06DNT6HS2njcnqazGeLM4E4WvTdcGQgSGeJJ9FnX+DEDlXM+7+h6sBPCr rm5RrCV8r+eDybajRKy90eUky/5KDX0WIFZ1BrJHve4x5VqqoGFL+6ecdV36si/Y eWpd8AP9dPJ35ukpVPrdpinlp3GR19wIuxiihcsT+4Ue+2ZQjeDr0pt3xEXWEutP V60m3f+MbuP58qH6qpGqdslrrjdXNnwEpGYLSO6nk6W735v8BJr+E2sOiZ9taVLN kxgdsRV18T+5D8TEaA0zme9wkYVpOj1mPgX/FH5OtRxRdSo+tNCBazIqizrpDeQx 0Chn4Ubnee8kYUCs0E/HgNQGiw2r/WHSr+hfjMn31OMdKC2WOECNJFRfex5P47Xb s8YnKAg9sDOck9gLLlijLr50FBpr0XyjK5vKutKQxlCaQJQBxyyIuFbsMMdOBNrd wuoM0i5Ot8CW4p3xUedv9jR53r/iOF3GUDn8IsYz2gDzYwM1qdPN9NuMT1kuoxWf sWgRd8a0d5hm8ZUWzH0hwDAY2m0rmWGiO2KfDPkkkWCsWGI4xMQHzTRVnZTWImFp pMT8D8Kc8AiVenKPnvWrlSYdqW0T8zOOkNouIEOZokmcX2h2sAsC21/rEwARAQAB tC5TeW5vbG9neSBTZWN1cml0eSBUZWFtIDxzZWN1cml0eUBzeW5vbG9neS5jb20+ iQJUBBMBCAA+FiEEcYf44RrAodXr21PKPwNoRM3Nlt0FAld2P2sCGwMFCQlmAYAF CwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQPwNoRM3Nlt1KEw//etlfaG8DSZ28 ct4x+tG/Zi9oxZhbMHnaF9jtdIc7iqmIcP3xZ14KoUbkpslsnv/1uqmR8pgwFAvR ujFGMPenlKrdyMR9erEdZ+/Q9MC5KsmHJNtLShBfZlAOnGYD0Fu0P8Fq8qf0dirG ckPQnctB2iXweBub6gE6ntvfBNTuslLlLjKGAsmkVfyjRs3+SpS6Ip1Hk8qzNFNL yPpYh+0yVJeiWDwPBylYqhLc8iE+8xzo+ADGZXwzKLF0KPdakrVT2eFWOEOmUoV5 Dh5iMMPEqjRcsGweQjdljnOQBTNYHjIWBDgdWFMvM3LiEWAFRu2TxajwK3EH5tBC ab4NT4waVJ/FuzF721POuVTXgKy4n7IJ6kfMT29uXhGg7s5/pXzfgARe2Vma1TDi boUv57OFKunSg/ULOQheijsnWJM8e8yEgvnU312mRiOjozZJPx6UFVY2q5210BwC lhwwdQt5YoR+pUfnZWz+p9BmXyz2CALj2XiISXaLyjQMzDWmnlPWpWObmZBB+9GQ u7SlfNmW7l3SFAbM7gwVeTgIn7pHwRGOw7CSkWhhrq8QhwNjRPF7mt/wj5z/3ZaV hMNHEFc8gwv94s17e13sh3UB1ASGgOm/h5fJGc0962MtDTPUqEMviaHgK2LP7Yzw p10IsO9C7qge1yTxOqei2mpNySNXcna5Ag0EV3Y/awEQANqiROPe/teJR09ak29e 28T3v5TRphpNGoL9/622ehRszYaeW+thI68PBYF2OoBMezUS8Y6CHyyT2jZKJzhA Mf5aFenySGSQ1ZLnPTlqWlsa6XhQeb1qXwmc4ptm7XnLkCNRwG1dIJ2aO5DcF5dY bvIfZi9fFfp/cSyrxd0Z1nxoTrvGFHDJBoqoDpgSTErXMUdO9hs+1l9KbTNcxQYP Blt44kcDcvGQ9WCB5bGU1mZn3uEkYqWd06FTTnR1kpxHWJVLqd6p/p3RjrMBqTnv 6hwJdt0GG3h3gHhXGGwopXAQjnz25lM3lvLMN+/De5dKo68+P022RnSirX5Kytlj jZMgkWxFwlGV+HFMVUwyyqB3aLehVUSzB8kRz+EJH3EDazCd9lN1TNoZMEBKN+AM ekXstxEMlPH9T8RZz1OGvqRlt+Xv8Bi4iX22AZGqxhbcDR4nZ0mtwB7M9tRoxHZu V+zCakecbgQdZ2HYd/mnlHY2XGybBWdCMqPckt5FLNAjQERWd3BLsV2JMAnyFS4d HKi4/WDD9FNN0wumRckc+ZHhIwdQIJojQGfcSbBT6aKczWrDY37++mEBlBYITim7 QpAoWJX8Z7h4CnOS5vo2WraaHy98KADkfZCCll6j4GOC8Zi6ZlddNDkaRWSH6Png m4Zl9hGc77EB8LYUOLovdB8RABEBAAGJAjwEGAEIACYWIQRxh/jhGsCh1evbU8o/ A2hEzc2W3QUCV3Y/awIbDAUJCWYBgAAKCRA/A2hEzc2W3RWDD/0UK8P1pATl/e0N nzcfKXb0qRdXnaNVsz83Cgxgqr6EveUnunlPqmgPb3ykpDmx5fQRMDcund1Bascw MFIMTLk5aHks/EKNGLJgZ10XkkTGI4z5MxpyaYAs5PVTe51IVVtMR9dpsI6uu+0m vzPF0+13cG+Ofdxy2gkRReiKMC1UvQdLnrvNKc8LC7z4cVqwkxUWBxXKZ8GWaDqQ IUl1vtdBy61n2uJgDSMINKZiejNmeSy+VLiZ0V4MRP7KgQVEFy7cI7f5MIckElD6 Fdidj9fhRIKQ4FKTil6UN1BWiup69z7+zV/c1Te22cdaomZBfpCq+gSIBk0qkUUH JLghyrVWcjc4GNRTETLWMbQWx26376qFgrhcGe9uzvSgKoETMUcUocCEH/Admd8y Ks4m8CsjNlMK+QSCl/I3swOQN5uJIJTvS3fr10eFl2mirkMgNX3E4WyNCpIhwHO0 Ow9npUdxQ8fIKOI+v5Hw/Qjk7UD9krszbsmpE5NhQY0lv6+dVx7PTGsDfM2TS4cX UmDEgjAkzsy3jGjdy97oatVwO5JUaPPrscbSrZ6W4z5ofFrGb/U0VaOprTjdQ4oz 7Ic2e6zL/oE0rqLmybNtTliytHBZjB8RFHs0J7aJwKF3u36s+7VwJSOnMbjMFPl/ iD9uEKQQdcCYN61gFTLgf2vFkql06g== =RAtH -----END PGP PUBLIC KEY BLOCK-----

Deprecated

-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.11 (GNU/Linux) mQMuBFMjAGoRCACBXLLPzxvTSxAOpfaWD+3Az0MNsE+RRgu4IDK49zRgsvWhqGrV jWxrTo4vgXg7iyxYg2ZNLQkZDN7JKG4qq4iC2SBIvniyxGY0bBGpN8PA4nQ9mew6 CSbAfnMD5uwprqBKb/RKUofdU7BeW9CNc5aw1i3NFw5YGOhBJsjK/dd2kp3RQSYh SKRdYqrOBeQ65OnYxXXbXbaSLfOML+XytQ3YdtX/8kDYuFWcQiAscJunpom8PGw+ 0MIPnGNek6YePxw2vy5Qhv1tJODWpe+NXEWwoNb3GIxiMJ67liQfhY4dtnjhSGOl vUO7HOEYEJvfivkTnoG1bv/s5CPF1Qy9yyn/AQCDINA3gXT/fUteNqaaR3c+TNyX 7DbNh9wA64FCPLveQwf9GraX29JyCI92rJnsK/ewYyzO/OQXHTTThZlci3r6AXLV 7u/kLVx/6CE2v/FVKUfIWRNV2Y4uKV9XikUztHzxxj7rGY+5LXSdDy4ORyOrOCYa sczFh0XZDybJUMRy69F3HVCM4CEKZfglRLMg2U5mzt61nltRJl1c1s8I42fVRv/4 DezLCCMNBkfIXoB4zZA6i27WQ0RSdx5j2Yc56FWT/CdQJJ3J/7HDtXZMVI6w0S8g I0HhpTJeQcjjdGVEQdDCjaLhuBOBVAEuVAn2i8anBF34/6pGCPEraAERd0C3cI9t BnCF5VXaekxlIEUGESCD7j+4zqvbfp41vgQ1+MaE5gf/U38PJNHux5IppJfu7lPM 08G2uDnvsAA+Qm7Yl/YXcFvOTOtLplVNsmF081BiYcJwYS/FIkosuHB2bwEBx7sc GBR5YxICZZMNAZ/1w9sxjQrjcyfTMnbjE8+j4G9LbFSf5tOPxtpg+pRvOpsePWjO 9oJDqMvNDcVmlYLYzga22f89j2CT4iGMDUbq+pBuar4T8YVes+NpOs09WVfOSWov 8zvU1RF2+lcUk3iI4dESo4Mm3Yxrtk1Z29RaRz55fSmXBGpRxWg6gEg2LLXCOYvb NkA8fVIJo8sRwOsOggsd52D1mf02tQfGa1cTilLXEBYVfkpdNo+sD1Rp58uzvbId XLQrU3lub2xvZ3kgKHNlY3VyaXR5KSA8c2VjdXJpdHlAc3lub2xvZ3kuY29tPoiA BBMRCAAoBQJTIwBqAhsDBQkJZgGABgsJCAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAK CRAcK6GTktbjQ3iRAP91Q0w/syONP0TLJaUybiLG54jDC2j994QtJ4bOPwdLiQD/ fqJSOW/EXPYCcNGRQChoQM0ph6EovFkg0szzSgnnzb25Ag0EUyMBRBAIAK1CWyis LgIZQ1DMEkV3oA04JSH7FV3daFVMW3TJ9HHHE2/WG41Q3Kin+9fZ4BwH0BAzLDpA ruh4KvOPQWMmVyoerjiZjN0q5gNnBpfORgjAvsvd4KX0Be+KGPr7dEsvt5vjkScG 6f+Pe4Ge8VtUni4YXf3YI13jMzeL7Mp3GPsBGx/ZW7hxamNEfmC1/eMTrTwDzw2w IayLfchyA27xXg0YyhAck6FQy1ttQSDmtu/4tFgt9kk07VKKItDeKZeNffbiEHGc 3IerzJgCcm3Z1qgWpvYHL5FkAZlP0CixZpjgzvqs1txbnPBiF0Ac3ryf3By+BIRA mmLPCSr58r9WT2sAAwUH/RY8agPtTdqTdKyuwgqOUq5mvcC4IV9JwBPuLGKCg4Tn NC0I0pXLkoKxhzdCPwc8OP3J2f++HXS43j/SLAeJ+ZmvgU1y1jjl9BDd2J2U3iA8 lrm4cTuRzxMB3sotwvL58rnknVs+v4fWC6vniOgzaQq/GRRv/ECGoiK7dAUl6E2t 5mMm3zxPn1L2a9PbLIAu6haVxjY8ThegoW0JxsrB64uGhGqAPYQ0mRKHwAadXE62 nkaKoJ+Aosn3rSQulnhZzYSJh6MPo0RtHCQ3C2PwaiQyRGhBCYnfq1pGYSm1zzLV VyX/48GIedfIBJ3O9l1MuuzyMRtJP/iu7IuNd6BYapKIZwQYEQgADwUCUyMBRAIb DAUJCWYBgAAKCRAcK6GTktbjQ/7ZAP9whG0sjiIoC1osoeJiLgt21NsqCdBqWjKN vPM5EAgPJgD+MxxPrXLSC5yChDRugTp4bT264SEKIwx7Pt95F6pYZ94= =UHcA -----END PGP PUBLIC KEY BLOCK-----