Qnap [firmware release] QTS 4.3.2.0128 for TS-X28 / TAS-X68

QoolBox

Représentant QNAP
2 Janvier 2014
10 559
163
153
49
France
www.qnap.com
le firmware 4.3 passe en stable pour les modèles TS-x28 et TAS-x68

QTS 4.3.2.0128 Build 20170313


[Bug fixes]

Code:
- Fixed a vulnerability in a configuration file that could be exploited to compromise the security of sensitive data. (CVE-2017-5227)
- Fixed an Apache HTTP Server vulnerability that could be exploited to deny requests to a server. (CVE-2016-8740)
- Fixed an issue where the TS-x51A, TS-x28, and TAS-x68 series could not detect a SD memory card inserted in the built-in SD slot.
- Fixed a stack overflow vulnerability that could be exploited to gain control of the EIP register.
- Fixed a SQL injection vulnerability that could be exploited to execute arbitrary SQL commands.
- Fixed a command injection vulnerability in transcoding that could be exploited to execute unauthorized commands.
- Fixed a heap overflow vulnerability.
- Fixed a cross-site scripting vulnerability that could be exploited to inject arbitrary JavaScript commands.
- Fixed 2 stack overflow vulnerabilities that could be exploited to cause segmentation faults and gain control of the EIP register.
- Fixed a command injection vulnerability in transcoding that could be exploited to gain the administrator privileges and execute unauthorized commands.
- Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6361)
- Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6359)
- Fixed an access control vulnerability that would incorrectly restrict authorized user access to resources.
- Fixed 2 stack overflow vulnerabilities.


[New Feature]

QTS

Code:
QTS Desktop
- More customization options have been added to the login screen.

Resource Monitor
- Added the Resource Monitor QTS App.

Notification
- Added a firmware update notification.
- Added browser notifications.

CIFS/SMB
- Added support for Samba 4.4.

Domain Security
- Added support for redundant domain controllers.

Security
- Added support for certificates from Let's Encrypt.
- Users can now be forced to change their passwords on a regular basis.

Users
- Privilege settings have been added for domain users.

Time Machine
- Time Machine now supports the SMB protocol.

File Station
- Added a rename policy for filename conflicts when copying/moving files.
- Remote connection now supports automatically finding local devices.
- Enhanced the File Station UI to provide a better user experience.
- Enhanced the UI of the share link page on mobile devices.
- File integrity is now checked when copying/moving files.
- Qsync team folders can now be accessed in File Station.

FTP
- FTP connections can now have higher speed transfers.

NFS
- Added support for NFSv4
- NFS now supports IPV6

QVPN
- Integrated VPN Server and Client into QVPN Service.
- Added support for L2TP/IPsec VPN clients.
- OpenVPN clients now support importing OVPN files to establish connections.
- Added support for domain users to use VPN services.

Photo Station
- Keyboard shortcuts can now be used the media viewer.
- Enhanced the UI for multi-zone streaming controls.
- Integrated media folder settings from the Control Panel.
- Enhanced the Manage Mode UI (Integrated albums and smart albums).
- Added support for advanced folder permission settings.
- Added support for domain users to log in.

Music Station
- Added multimedia streaming support for Sonos devices.
- Enhanced the Music Station UI to provide a better user experience.
- Added support for domain users to log in.
- Added an advanced search function.
- Output devices can now be set for the Music Alarm.
- Added a mini player.

Video Station
- Improved the UI for multizone streaming.
- Added support for advanced folder permission settings.
- Subtitles can now be embedded into videos when playing them.
- Improved the video upload procedure.
- Improved the UI for opening share links.
- Added support for LDAP users.
- Bookmarks can now be added to videos.
- Added the ability to download information from TheTVDB.
- Files over 2GB can now be uploaded.
- Subtitles can now be displayed for MKV and ISO files.
- Added an advanced search function.
- Videos can now be uploaded to YouTube and Youku.
- Different audio tracks are now supported.
- Improved the UI for TV series information.

Download Station
- Users now can monitor the seeding progress.
- Users can now monitor the progress of downloading FTP folders.
- Enhanced the Download Station UI to provide a better user experience.
- Open source add-ons can now be added to Download Station.
- Specific network interfaces for Download Station can now be set up.

Help Center
- Enhanced the Help Center UI to provide a better user experience.

App Center
- Apps can now send notifications and be automatically updated.

Installation
- Added support for establishing CloudLink connections during Cloud installation.


[Enhancement]

QTS Desktop
- Enhanced the interface of the log-in screen and QTS desktop.

Database
- Added support for MariaDB 5.5.47

Event Logs
- Users can now choose to compress the automatically saved logs.

Notification
- Enhanced the Notification UI.
- Enhanced the user interface of notification emails.
- Enhanced the push service.

Shared Folder
- A warning message has been added to confirm the removal of shared folders.

Web Server
- Added support for PHP 5.6

Firmware update
- Users can now choose intervals to check for firmware updates.

QTS-Misc
- Warning event notifications are now provided when volumes are locked.


[Change]

Download Station
- Users can now be notified when downloads complete (instead of when download tasks complete).


[Notice]

- Removed the option to configure the MTU size on the TS-x28 and TAS-x68 models, due to hardware limitations (jumbo frames are not supported).
- Before updating the firmware of the NAS managed by Q'center to 4.3.2, please ensure that the version of Q'center is 1.3.503 or newer so that the Q'center Agent on each NAS can support 4.3.2. (Q'center itself currently does not support 4.3.2.)
- After updating the NAS managed by Q'center to 4.3.2, the administrator of Q'center must input the password of each NAS at Q'center Server to continue monitoring.
- TwonkyMedia is no longer supported. Use the DLNA Media Server built into QTS as your DLNA server.
- To use Qsync in QTS 4.3.X, please click here to download Qsync for Mac


[Bug fixes] 

- Fixed a myQNAPcloud certificate validation vulnerability (CWE-295).
- Fixed a vulnerability in a configuration file that could be exploited to compromise the security of sensitive data. (CVE-2017-5227)
- Fixed an Apache HTTP Server vulnerability that could be exploited to deny requests to a server. (CVE-2016-8740)
- Fixed a stack overflow vulnerability that could be exploited to gain control of the EIP register.
- Fixed a SQL injection vulnerability that could be exploited to execute arbitrary SQL commands.
- Fixed a command injection vulnerability in transcoding that could be exploited to execute unauthorized commands.
- Fixed a heap overflow vulnerability.
- Fixed a cross-site scripting vulnerability that could be exploited to inject arbitrary JavaScript commands.
- Fixed 2 stack overflow vulnerabilities that could be exploited to cause segmentation faults and gain control of the EIP register.
- Fixed a command injection vulnerability in transcoding that could be exploited to gain the administrator privileges and execute unauthorized commands.
- Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6361)
- Fixed a command injection vulnerability that could be exploited to gain the administrator privileges and execute unauthorized commands. (CVE-2017-6359)
- Fixed an access control vulnerability that would incorrectly restrict authorized user access to resources.
- Fixed 2 stack overflow vulnerabilities.


Code:
http://download.qnap.com/Storage/TS-X28/TS-X28_20170313-4.3.2.0128.zip
http://download.qnap.com/Storage/TAS-X68/TAS-X68_20170313-4.3.2.0128.zip
 
Bien bonne nouvelle ! :D
Une date sur une version pour les autres (finale ou beta encore) ?