Hi all ,
I recieved a notification from my nextcloud instance that an update for 29.0.7.1 is available for installation. When I check my instance with scan.nextcloud.com (with trigger rescan) it still as of now reports as being on the latest patch level. Is that a “works-as-designed”?
Best regards,
Ralph
Hi @ralle12345
If you’re currently on 28.0.11, then the test would actually be correct, as NC 28 is still supported, and 28.0.11 is the latest patch level for that version.
See also here: Maintenance and Release Schedule · nextcloud/server Wiki · GitHub
As stated in my original post, I’m on 29.0.7.1 with 29.0.8 announced at 2024-10-10. I’m aware that obviously scan.nextcloud.com does not know about the update and needs work. I would think that a security scanner for some product should be in sync with the release schedule and not mark a not up-to-date deployment of said product as being current and “A+”
That was my first thought, but it’s actually not exactly what you said, which caused me to edit my post. 
You said you received a notification for 29.0.7, not that you actually updated to it, and btw, I find it a bit odd that the updater would even offer you 29.0.7, since the latest release of the 29 branch is 29.0.8.
Anyway, these are all just side notes to the main topic, which is the security check.
Well, I can’t argue with that, of course, and no, it’s not “by design”. It is meant to tell you that you are not on the latest patch level and that you should update to 29.0.8, which I strongly recommend you do now if you have not already done so
Maybe you must make a re-scan on the website.
You can test every Nextcloud with https://cloud.server.tld/status.php
The updater didn’t offer 29.0.7, but 29.0.8, since I already was on 29.0.7. Just for completeness 
I have. Since I monitor scan.nextcloud.com for a few Instances on a daily basis I wanted to know how soon after my nextcloud instance notified me about the new release scan.nextcloud.com would complain about an outdated installation. This topic should point the maintainers of the scan service towards a (from my point of view) problem with the scanner. I think as soon as a release comes out, a server must not be marked as current.
Yeah well you could have just said that. No need to beat about the bush in this case, imho
As for why the scanner hasn’t been updated, I can only guess that someone has to update it manually when new releases come out, and that someone has forgotten to do so, or is somehow unavailable at the moment… 
Yes, it works as designed. Unless your Nextcloud Hub version (28 - aka. Hub 7) is End-of-Life (December 2024), being on the last patch release is okay.
It knows about the updates. It’s part of the release work to bump the version. It’s just okay to be on a supported version.
When 28.0.11 is out, 28.0.10 will be flagged as “not up to date”, 28.0.11 will be required.
But currently, when I scan an instance with 29.0.7, the scanner says that the instance is on the latest patch level, even though 29.0.8 was released last Thursday. And that, as I understand it now, is probably what @ralle12345 was trying to tell us in the original post.
@bb77 Exactly! You got it! That was exactly my point.
@nickvergessen I was on the then semi-latest release (29.0.7) when I checked with the scanner which still showed the checkmark for being on the latest patch. This (and that is my point) was absolutely not true.
Seems the cron errored, i manually ran it now and it worked now. So should be up to date now.
So TLDR: It should always be around the same time, with a maximum delay of 3h on scan (auto-deploy time duration)
This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.