Plex Media Server - NAS application updates level of service

I run Plex Media Server 1.41.8.9834 on a TerraMaster F2-212 (ARM). This NAS is advertised by TerraMaster as being Plex capable, and it’s listed in the compatibility guide published by Plex.

I received the security notice email from Plex as described below back on 15 August, although the vulnerability was first announced on 9 August.

So here we are, 6 weeks later from a vulnerability Plex deemed so serious that it emailed server hosts requesting:

We strongly recommend that everyone have their PMS updated to the most recent version as soon as possible, if you have not already done so.

:person_raising_hand: My question to Plex…

What level of service should we expect from NAS partners in providing critical security and other application updates in a timely manner? Is 6 weeks plus acceptable?

From what I understand, there’s no official service level by those NAS platform / app center operators. They’ll tend to update apps in their platform when „they get to do it“ (which, depending on the platform, can take quite a while — I don’t have any particular experience with TOS, good or bad).

I’m a situation like this, it’ll often be better to get the latest version from Plex‘s official download page and install it manually

Thanks @tom80H . Unfortunately those files from the official download page don’t work on my particular NAS, I have to install from the TOS App Centre. See also here.

My question to Plex stands. If partners advertise their technology as being Plex capable or compatible, are there certain obligations they need to meet, including providing updates in a timely way?

The current situation where a partner does not provide timely security patches for a critical vulnerability (severe enough to warrant Plex mailing users directly) reflects poorly on Plex.

EDIT: TerraMaster has in fact silently released a 1.42 update to Plex Media Server for ARM. Better late than never :neutral_face: