×
Kunena 5.2.6 released and Blue eagle 1.6.6 released (25 Jul 2021)

The Kunena team has announce the arrival of Kunena 5.2.6 [K 5.2.6] which is now available for download as a native Joomla extension for J! 3.9.x. This version addresses most of the issues that were discovered in K 5.2 and issues discovered during the development stages of K 5.2.6

× Topics that are moved into this category are generally considered to be closed. Users may want to add additional information but these topics should not be resurrected in order to discuss new problems or unrelated matters.

Question Security and Kuena?

More
12 years 2 months ago - 12 years 2 months ago #1 by ssnobben
Security and Kuena? was created by ssnobben
Hi

I read in Joomla blog today about security and saw this security announcment from IBM about Kuena.. IBM report

kunena-forums-joomla-sql-injection

rgds
Last edit: 12 years 2 months ago by ssnobben.
The topic has been locked.
More
12 years 2 months ago #2 by Matias
Replied by Matias on topic Re: Security and Kuena?
We emailed them just before you found it and asked to mark it as fixed in Kunena 1.5.5.

The bug was fixed when we first heard about it, but unfortunately we introduced two regression bugs because of those fixes.

Next bug fix version (1.5.6) will be hopefully out in 1-2 days (depending on testing efforts).
The topic has been locked.
More
10 years 7 months ago - 10 years 7 months ago #3 by ssnobben
Anyone tested the Joomla master htaccess file from Nikos?

Joomla 1.6 htaccess file v 3.3+

akeeba.assembla.com/code/master-htaccess/git/nodes/htaccess.txt
Last edit: 10 years 7 months ago by ssnobben.
The topic has been locked.
More
10 years 6 months ago #4 by spookyxf
Isn't this pretty much what admin tools pro produces?
The topic has been locked.
More
10 years 6 months ago - 10 years 6 months ago #5 by sozzled
Replied by sozzled on topic Re: Security and Kuena?
This topic was started nearly 2 years ago about security issues in K 1.5.5. Those issues affected Kunena's listing in the JED and were quickly fixed. The latest couple of messages, posted in the past day, have nothing to do with K 1.5.5. In fact that are completely off-topic to the original subject.

If people have security concerns about K 1.6 we would like to hear about them and they should be posted in the K 1.6 Support category. If people merely want to enquire about keeping their forum safe from intruders and ne'er-do-wells then they should look at the general discussion [Merged topic] How to protect my forum from spam .

I do not like locking topics because it may give the impression that we do not want to discuss certain things. That's not the point. In this case, I think it's necessary because further discussion (in terms of a long-fixed K 1.5 Support matter) is confusing.
Last edit: 10 years 6 months ago by sozzled.
The following user(s) said Thank You: spookyxf
The topic has been locked.
  • Not Allowed: to create new topic.
  • Not Allowed: to reply.
  • Not Allowed: to edit your message.
Time to create page: 0.087 seconds