Synology, I will never get tired of saying it: do you want to be number 1 in the NAS world? If the answer is yes, then you need to find a solution to update third-party packages sooner. 2020 is knocking on our door and it is inconceivable that you have barely released a Security Advisory bulletin for WordPress 5.2.4 today, 18th of October, 2019, when the update was already available internationally from wordpress.org since October 14. If you have released the Security Advisor bulletin, why didn’t you update WordPress to 5.2.4 immediately? What are you waiting for?
Many people have already started to install unofficial Synology packages for a fault attributable to Synology in managing updates to third-party packages. Things are being handled really badly. Because people are looking for shortcuts, searching for updates but can’t find them in the Synology Package Center, the system then becomes unstable, and no longer does its job as errors from manually installed (official) packages occur. If we wait for Synology to release updates to third party packages, we’ll have to wait for months or even years. Embarrassing, right?
This website uses the latest version of WordPress 5.2.4 downloaded manually from wordpress.org because I was tired of waiting for the official Synology package update.
I have desperately and hopelessly sought feedback from Synology, but despite my emails, my continuous tweets and my growing concern, still no real solutions to this issue. I’ve previously talked about the PHP Pear package that hasn’t been updated for about 4 years. I’ve also talked about HTTP 2.4 which was updated to version 2.4.39 after 2 years, but which is already old because, in the meantime, the HTTP 2.4 version was brought up version 2.4.41 with important security warnings. Let’s not talk about the fact that phpMyAdmin has not been updated to work properly with the latest version of PHP 7.3 and it looks like a nightmare. There are also problems with MariaDB 10 which stopped at version 10.3.11, despite my doubts since the new MariaDB 10 version 10.4.8 has been out for months.
Contacting support is a closed door, no one releases information on this aspect, which is quite worrying. We are all waiting for the new DSM 7.0 operating system to come out with great enthusiasm, but what good is a new version of the OS if the management of third-party packages remains the same? Is there no team, just a handful of people who do only this? Throughout the year I followed Synology international events, but never has Synology talked about an update of third-party package management. Oh Synology, how I would like your official answer, an opening that we all look forward to.