QNAP release v4.1.1 build 1101 to secure vulnerabilities

Version 4.1.1 build 1101 has now been released:

http://www.qnap.com/i/uk/product_x_down/

2014-11-05

QTS4.1.1 Build 1101
[Improvement]
- Enhanced the stability of firmware update.
- Enhanced the connection stability of LDAP.
[Fixed Issues]
- Fixed incorrect time zone information for Russia.
- Fixed a security issue of potential data breach (POODLE) by disabling SSL.
- Fixed an issue which causes failure of resizing volume with more than 16TB data*.
  (* Applied Models: TS-x51, TS-x53, TS-x69, TS-x70, TS-x79, and TS-x80)
[Note]
- If you have a Qfix, firmware or app that needs to be updated, we recommend installing them one by one and rebooting your system after each installation (unless instructed otherwise.)
- If you have attempted to upgrade to QTS 4.1.0 Build 0504 and above but encountered issues that resulted in a failed upgrade, please install the Qfix patch by following the instructions below:
[Qfix]
- The Qfix patch can be downloaded from:
   http://download.qnap.com/Storage/Qfix/Qfix_4.0.7.1_all.zip
- Applicable Turbo NAS firmware versions: 3.8.3 ~ 4.1.0 Build 0421
- First install the Qfix patch manually. (Go to “QTS > Control Panel > System Settings > Firmware Update > Firmware Update” to apply the Qfix.)
- After the Qfix installation, DO NOT restart the Turbo NAS, and proceed to update the firmware directly either via online live update or manual update. (If you are still having issues with updating firmware, please contact QNAP Technical Support at http://helpdesk.qnap.com/ )
Posted in Uncategorized | Leave a comment

[QNAP] Protect Your Turbo NAS from Remote Attackers – Bash (Shellshock) Vulnerabilities

Release date: October 5, 2014
Severity rating: Critical
CVE number: CVE-2014-6271、CVE-2014-7169、 CVE-2014-6277、CVE-2014-6278、CVE-2014-7186 and CVE-2014-7187
Affected product: All Turbo NAS models except TS-100, TS-101, TS-200

Summary:
GNU Bash security vulnerabilities (CVE-2014-6271、CVE-2014-7169、 CVE-2014-6277、CVE-2014-6278、CVE-2014-7186 , and CVE-2014-7187), also known as “Shellshock,” might allow remote attackers to inject malicious code via specially-crafted environment variables and run commands from the Bash shell on UNIX/Linux-based systems, including the Turbo NAS.

Solution:

Continue reading »

Posted in Uncategorized | Leave a comment

Qnap release shellshock qfix patch

Qnap have released a qfix for fixing the ShellShock bash vulnerability

Shellshock_1.0.1_all.qfix

 

So far the QNAP is behaving itself, though i expect more vulnerabilities to emerge in the next few weeks as bash gets an overhaul.

Posted in QNAP | Leave a comment

QNAP TS-459 Pro Firmware update – 4.1.1 Build0927

[Version]
QTS 4.1.1 Build0927

[Change log]
Fixed the ShellShock security issue that could allow remote attackers to gain control of the system (CVE-2014-6271).

Posted in Uncategorized | Leave a comment

QNAP TS-49 Pro Firmware update – v4.1.1 Released

Today QNAP released the new v4.1.1 firmware update.  I have just applied the firmware to the NAS and it has loaded successfully.

Release Notes [QTS 4.1.1 Build 0916]  2014-09-16

For TS-x10, TS-x12, TS-x19, TS-x20, TS-x21, TS-x39, SS-x39, TS-x59, TS-x69, TS-x70, TVS-x70, TS-x79, TS-x80, TS-509, TS-809/809U, HS-210 and IS-400 series.
[Enhancements and New Features]
- Updated Twonky Server to version 7.
- Add SMB protocol option: Only allows applications to access files using the long file name format.
- Added the VPN client IP column in “VPN Server” > “Connection List”.
- Enabled email notifications when the RTRR job status changes from “retry” to “standby”.
- Files can be deleted from File Station using the keyboard’s Delete key.
- Added a “View last run log” button in “Antivirus” > “Scan jobs”.
- For files that are being transcoded and added in “Transcode Management” > “Background Transcoding Task”, the option to select resolutions that are already available is disabled.

Continue reading »

Posted in QNAP | Leave a comment

Weewx updated to new Template.

I have now updated to a new Web template for the Weather station.

Based on Byteweather Template for Weewx by Chris Davies-Barnard –

http://davies-barnard.co.uk/2014/01/weewx-byteweather-template/

I have added a few more tweaks to this to give it more depth and links to the local weather stations etc.

Please check it out here:  http://darkmoon.org.uk/weather/

Posted in Weather | 3 Comments

Davis Vantage Vue Arrives

Well I have finally took the plunge and will be upgrading the weather station to a Davis Vantage Vue system. This new unit is by far the best setup possible with very accurate readings given by the unit.  I hope to be setting this up soon when time allows and weather permitting.

Watch this space….

Davis Vantage Vue

USB Data Logger

Mounting Pole Kit

Labgear 29924LAB 3m Aerial Mast

2″ x 1.5″ Clamp

3 Way Guy Clamp with Hooks

Posted in WordPress | Leave a comment

Upgraded MyLightingDetection to v1.3

Version 1.3 (2014-05-01)
————————

- several minor fixes and improvements

Version 1.2 (2014-01-17)
————————

- show comment and website of a station
– import of UTF8 encoded station names
– some other minor fixes
– improved translations

Posted in Weather | Leave a comment

Update to Weather Station

I had noticed over the last few weeks that the rain sensor was not working. I have replaced the sensor gauge out now and hope this will now measure rain again, though I hope the rain stays away for a few weeks! I’m sick of rain!

Unfortunately when I restarted my Weather Station back up I noticed the HDD reporting bad sectors.  I have swapped out the HDD with a new SSD i had bought last week for another project.

Next  plan is to make a new backup once i can confirm all features are working correctly.

Posted in Weather | Leave a comment

Update to website.

So, finally getting the site updated again.

Updates applied today:

WordPress 3.9

Weewx 2.6.3

Pocket PWS link readded.

 

Posted in Weather, WordPress | Leave a comment
« Older