ATTENTION! This release contains an XSS and SQL Injection Vulnerability fix. All previous versions of kunena are affected. Please update immediately.

Kunena 3.0.6 [K 3.0.6] is available for download as a native Joomla extension for J! 2.5 and J! 3.x. This version is a security release for Kunena that addresses several maintenance issues that have been reported since the last version release. and this new version replaces (and makes obsolete) all previous versions of Kunena.

This version of Kunena coincides with the simultaneous release of an updated language pack, downloaded separately, for deployment on non-English websites. The release of this version does not not coincide with the release of other Kunena Add-ons that have not been updated at this time and that may or may not be updated for this version.

In general, Kunena Add-ons designed for previous versions of K 3.x should interoperate with this version of Kunena; in general, Kunena Add-ons designed for older major versions of Kunena will not interoperate with this version of Kunena.

The summary of important changes in K 3.0.6 are:

  • XSS vulnerability (credit goes to Raymond Rizk from Dionach Ltd., thank you for the report, much appreciated.
  • SQL Injection vulnerability (credit goes to Raymond Rizk from Dionach Ltd., thank you for the report, much appreciated.

The Kunena 3.0.6 release notes are essential reading before installing K 3.0.6 for the first time or if you are upgrading from an earlier version of Kunena.

Upgrading to K 3.0 involves changes that may affect Kunena's interoperability with other extensions installed on your site. For this reason it is advisable that you first test K 3.0.6 on a test site before you upgrade your live production site(s).

For users who are familiar with older versions of Kunena, an overview of some of key differences is given in Kunena Features in the Wiki.

Other details

Find the full online README: Here.

K 3.0.6 is available for download on the download page.

K 3.0.6 is has been tested with the latest J! 3.3.3 (stable) and further work has been done to make Kunena more compatible with the J! 3.2.X series. For people contemplating the use of J! 3.3 on their site they should first test K 3.0.6 to make sure that there are no outstanding compatibility issues.

Other plans

The team is is continuing to develop new, optional add-ons for Kunena — additional templates and features (e.g. WYSIWYG editing, "teasers") — that will be probably become available in the medium-term on a commercial basis (that is, things people will be able to purchase). The basic component and the currently available modules and plugins will continue to be available at no cost and there are no plans to reduce the current features in those areas.

Log in to comment

suamaytinhits replied the topic: #1 7 years 9 months ago
Thanks Coder4life and Kunena Team.

Upgraded from 3.0.5 to 3.0.6 / Joomla 3.3.3 without a hiccup.
sozzled's Avatar
sozzled replied the topic: #2 7 years 10 months ago

lifeguard wrote: It was a plugin ... JCH optimize

Yes, we have written many times in this forum , JCH Optimize is not recommended if you want to use Kunena.
lifeguard replied the topic: #3 7 years 10 months ago

lifeguard wrote: this update sucks.

i have a site joomla 3.3 with kunena 3.0.5 and its ok.

i see the update, make a copy of the site, and update to kunena 3.0.6
so far so good.

but the speed of kunena 3.0.6 its horrible.

i cannot understand why it works so slow.
my kunena 3.0.5 need 0,200seconds to load a page, but 3.0.6 needs almost 6 seconds to load everypagee.

the sites ar the same, because its only test copy.
i am not gonna update this to my live-site because my members will kill me.

for the record, all other components working fine. News, search, admin works fast. Only kunena is slow.

Ok, after a time, i will give a reaction.
You were right. It was me, who failed with this.

Foprgive me for this post. It was not to blame anybody, and i have mucht for the team behind Kunena, and his supporters.

It was a plugin, who makes my site slower. JCH optimize. Maybe i mis a setting, or something.
But on a new site, with same config, it works like a charm.
Thanks people, and aigain, forgive me for my stupid comment here.
Oddy94's Avatar
Oddy94 replied the topic: #4 7 years 11 months ago
IceCube replied the topic: #5 8 years 5 days ago
Yeah, I already tried this and it won't add new entries (like Kunena) to the table. Purge only resets the enabled column to 1 and Find Updates will check the availability of the URLs and sets enabled to 0 if a URL can't be opened.
Then I'll go for a manual update and let you know if an entry to this table is added with it.

edit: Update successful and entry with URL was added to the table :)