QNAP QTS 4.3.3.0136 Build 20170328 Beta2

giopas

Grand Maître Jedi
20 Avril 2015
1 084
8
68
EU
Bonjour,

je n'ai pas vu de posts sur le sujet, mais je viens de recevoir la notification sur mes deux NAS.

Changelog:

QTS 4.3.3.0136 Build 20170328 Beta2

[Bug fixes]

- Fixed an issue where Samba would not function as expected after the NAS restarted when an external storage device was connected.
- Fixed a vulnerability in a configuration file that could be exploited to compromise the security of sensitive data. (CVE-2017-5227)
- Fixed an Apache HTTP Server vulnerability that could be exploited to deny requests to a server. (CVE-2016-8740)
- Fixed a stack overflow vulnerability that could be exploited to gain control of the EIP register.
- Fixed a SQL injection vulnerability that could be exploited to execute arbitrary SQL commands
- Fixed a command injection vulnerability in transcoding that could be exploited to execute unauthorized commands.
- Fixed a heap overflow vulnerability.
- Fixed a cross-site scripting vulnerability that could be exploited to inject arbitrary JavaScript commands.
- Fixed 2 stack overflow vulnerabilities that could be exploited to cause segmentation faults and gain control of the EIP register.
- Fixed a command injection vulnerability that could be exploited to execute unauthorized commands. (CVE-2017-6361)
- Fixed a command injection vulnerability that could be exploited to gain administrator privileges and unrestricted access to sensitive data. (CVE-2017-6360)
- Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6359)
- Fixed an access control vulnerability that would incorrectly restrict authorized user access to resources.
- Fixed 2 stack overflow vulnerabilities.
- Fixed an issue where users could not simultaneously perform multiple file copying tasks in a NAS shared folder mounted on a Mac via AFP.
- Fixed an issue where Media Library could not create thumbnails for certain JPEG files.
- Fixed an issue where users could not import the .ovpn configuration file created by QVPN to an OpenVPN client program in certain situations.
- Fixed an issue where a USB Wi-Fi dongle could not be detected again after the dongle was disconnected and reconnected to the NAS.
- Fixed an issue where the IP addresses of adapters in Network & Virtual Switch would be displayed incorrectly after QRM+ Beta 0.9.0 was installed.
- Fixed an issue where the CPU usage would spike regularly every 30 seconds when users logged in to the NAS via the web console.
- Fixed an issue where the network mode of a virtual switch created in Container Station would change from NAT to Bridge after a physical adapter was added to the virtual switch.
- Fixed an issue where Backup Station would not display available destination folders on a remote NAS where the log-in password contained the characters %^&*() when users created a RTRR FTP job.
- Fixed an issue where Storage Manager could not correctly report the health status of certain disks that had I/O errors.
- Fixed an issue where folders named in Korean or Japanese would not be arranged correctly in File Station when sorted by their names.
- Fixed an issue where Dashboard would not display the names of static volumes in error messages.
- Fixed multiple network vulnerabilities in QTS.
Je suis en train de faire la mise à jour et je vais revenir avec plus d'information, si nécessaire.
.

giopas
 
Salut à tous,
Avons-nous une date de publication prévue pour la version stable ? Car en mode pro, je préfère éviter les béta et la fonction certificat SSL Let'sEncrypt m'intéresse beaucoup ! :D
 
En parlant de lest's encrypt.

comment faites vous pour obtenir un certificat avec un domaine personnalisé ?

car moi j'essaie, dans les options de sécurité, je clique sur appliquer, ca mouline, et.....rien !
 
doudoufr a dit:
En parlant de lest's encrypt.

comment faites vous pour obtenir un certificat avec un domaine personnalisé ?

car moi j'essaie, dans les options de sécurité, je clique sur appliquer, ca mouline, et.....rien !

Quand tu lis le descriptif, à priori le certificat généré n'est disponible qu'avec le DDNS fourni par myQNAPcloud.

Tu peux essayer manuellement sinon : https://github.com/Yannik/qnap-letsencrypt

Bon courage !
 
ben écoute, apparemment, je ne sais pas comment ni pkoi, mais ca a du fonctionner aujourd'hui...Alors que ca fait X mois que j'essaie !