List of updates concerning program security

Postby Franklin » Sat Apr 12, 2008 1:04 am

For April:
Known vulnerabilities that should be fixed immediately.
1. Fix Samba's security issue by applying security patches.
2. Fix the vulnerabilities of mt-daapd by upgrading it to 0.2.4.1

For May:
Upgrade packages and disable less secure functions.
1. Upgrade Apache, PHP, OpenSSL, rtorrent
2. Turn off HTTP Track, enhance SSL security level
3. Do not run LPR when there is no printer. Do not run LPR as root.

For Sep.:
1. Disable PostgreSQL TCP/IP port. We need TCP/IP now for Download Redirector.
2. UPSd listens on remote port: We will add an option on UI to disable this.
This function is needed for multiple DSes to share 1 UPS.
3. All services running as root: We will review all services and run as root only when it is needed.

Will not implement:
1. Samba: NULL sessions are enabled on the remote host: We need this for guest login.
2. Samba: Shared files do not respect filesystem ACLs: We need this for share level access control
3. Running CGI as root. We need root permission to change system configuration.


All information is subject to change without notice.