Jump to content
RESET Forums (homeservershow.com)

Synology has DSM updates to fix OpenSSL for Heartbleed Bug


Recommended Posts

The Heartbleed bug has been getting a lot of news.  Until this morning I was worried about some of the websites I use and whether they had updated to the latest OpenSSL.


I hadn't thought about my Synology boxes, until I noticed an update to DSM 5 this morning that mentioned fixing a critical issue with OpenSSL.


I'm updating now and will change my password afterwards -- I would urge everyone on DSM 5 to do the same.  I also found an update for my older DSM 4 box.  It was from mid-March but also mentioned OpenSSL, so these updates might apply to everyone using a Synology.


BTW if you're worried about a website you use and whether it's vulnerable to Heartbleed, this site will let you check: http://filippo.io/Heartbleed/ 


There's a decent list of the 100 top sites and their current status by CNET here:  http://www.cnet.com/how-to/which-sites-have-patched-the-heartbleed-bug/


And a huge list (10,000) of servers on this site:  https://github.com/musalbas/heartbleed-masstest/blob/master/top10000.txt?_ga=1.233126620.357228156.1397131066

(note that this is two days ago and many have been patched -- he's working on an updated list at the moment which will be posted).


If you see one you use that's listed as vulnerable, don't change your password until you've checked that it's fixed.  Otherwise your NEW password may be stolen. 


I guess I know where a good chunk of my morning will be going.....  :angry:

  • Like 1
Link to comment
Share on other sites

I've updated my Synology boxes.  Contemplating password changes now.  My lastpass keeps nagging me to do a password audit anyway!

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Create New...