DSM 4.3-3827 Update 4
Publish Time: 2014-06-25 00:00:00 UTC+8
Last Updated: UTC+8
The upgrade of OpenSSL in DSM 4.3-3827 Update 4 addresses the following security vulnerabilities:
- a vulnerability that allows remote attackers to exploit a weakness to perform a man-in-the-middle attack in certain OpenSSL-to-OpenSSL communications and obtain sensitive information. (CVE-2014-0224)
- a vulnerability that allows remote attackers to execute arbitrary code or cause a denial of service via a long non-initial fragment. (CVE-2014-0195)
- several vulnerabilities that allow remote attackers to perform various kinds of DoS attacks. (CVE-2014-0221, CVE-2014-0198, CVE-2010-5298,CVE-2014-3470)
To fix the security issues, please go to DSM > Control Panel > DSM Update page, install the latest updates to protect DiskStation from malicious attacks.