Again security warnings webdav, caldav and news app

I do not know what happened, but I’ve again security warnings that I can not understand. After updating NC to 22.0.0 it was perfect, but for some reasons all .well-known requests are again going wrong.
Also I get a message about an INVALID_HASH that concerns ‘news’. But that app is not active and not on the NC installation anymore. It had to much problems and none of out NC clients used it.
And the new warnings appear on all NC instances.
Updating to 22.1.1 does not solve these problems.

And in all circumstances the security check on https://scan.nextcloud.com/ does mention the fact that things are not up to date. But NC install says it is up-to-date.

So, how reliable are all those security checks?
And why do all these httpd config lines in Apache do not work anymore?
RewriteRule ^.well-known/carddav /cloud/remote.php/dav [R=301,L]
RewriteRule ^.well-known/caldav /cloud/remote.php/dav [R=301,L]
RewriteRule ^.well-known/webfinger /cloud/index.php/.well-known/webfinger [R=301,L]
RewriteRule ^.well-known/nodeinfo /cloud/index.php/.well-known/nodeinfo [R=301,L]

And f the extranal security check says I’m not up-to-date, why does even the beta channel not offer any update?

Who know the answers?