Sanook
February 14, 2024, 12:43am
1
The Nextcloud Security Scanner displays for Nextcloud 25 “Major Version still supported” although the version is already EOL since 2022-10-19:
What does this mean?
Thank you!
wwe
February 15, 2024, 9:46pm
2
Nexcloud security scanner keeps old results forever
I use icinga2 for monitoring various servers. One of the checks scans various Nextcloud versions for vulnerabilities via scan.nextcloud.com . I noticed that a Nextcloud version that I forgot to update still gets an A+ rating, even though Nextcloud version 24 is EOL or EOS. This makes the Security Scanner pretty useless.
[screenshot]
take a look at “Scanned at…” and don’t forget to hit [trigger re-scan] button
Hi, could someone please use the security scan with Nextcloud 25.0.5 which is available through internet and report their result?
[image]
[image]
Welcome to the Wiki. you are welcome to improve and extend this post
Sanook
February 16, 2024, 2:16am
3
I have triggerd a rescan already of course before i posted it here.
devnull
February 16, 2024, 9:34am
4
@wwe EOL ? What about Nextcloud Enterprise ? Aren’t there longer support periods there?
wwe
February 16, 2024, 10:20am
5
I have no idea if it takes into account Enterprise versions (if it’s possible at all to detect the versions Enterprise or not from outside). My personal expectation would be it follows the Maintenance and Release Schedule · nextcloud/server Wiki · GitHub as Enterprise customers likely would not rely on the scanner at all… but fact is the scanner is frequently outdated
Support intro Sorry to hear you’re facing problems
maybe it would be better Nextcloud stops this offering as it causes lot of confusion…
