MAJOR CHANGES IN v6.45.1:
----------------------
CVE-2018-1157   memory exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server and in some circumstances reboot the system via a crafted HTTP POST request.
CVE-2018-1158   stack exhaustion vulnerability. An authenticated remote attacker can crash the HTTP server via recursive parsing of JSON.
CVE-2019-11477  integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs)
CVE-2019-11478  TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences.
CVE-2019-11479  remote peer to fragment TCP resend queues
CVE-2019-13074  vulnerability in the FTP daemon could allow remote attackers to exhaust all available memory, causing the device to reboot because of uncontrolled resource management.

Like always, it's recommended to keep your devices up to date, instructions for updating can be found @ https://wiki.mikrotik.com/wiki/Manual:Upgrading_RouterOS