Question Security and Kuena?

Hi

I read in Joomla blog today about security and saw this security announcment from IBM about Kuena.. IBM report

kunena-forums-joomla-sql-injection

rgds

We emailed them just before you found it and asked to mark it as fixed in Kunena 1.5.5.

The bug was fixed when we first heard about it, but unfortunately we introduced two regression bugs because of those fixes.

Next bug fix version (1.5.6) will be hopefully out in 1-2 days (depending on testing efforts).

Anyone tested the Joomla master htaccess file from Nikos?

Joomla 1.6 htaccess file v 3.3+

akeeba.assembla.com/code/master-htaccess/git/nodes/htaccess.txt

Isn't this pretty much what admin tools pro produces?

This topic was started nearly 2 years ago about security issues in K 1.5.5. Those issues affected Kunena's listing in the JED and were quickly fixed. The latest couple of messages, posted in the past day, have nothing to do with K 1.5.5. In fact that are completely off-topic to the original subject.

If people have security concerns about K 1.6 we would like to hear about them and they should be posted in the K 1.6 Support category. If people merely want to enquire about keeping their forum safe from intruders and ne'er-do-wells then they should look at the general discussion [Merged topic] How to protect my forum from spam .

I do not like locking topics because it may give the impression that we do not want to discuss certain things. That's not the point. In this case, I think it's necessary because further discussion (in terms of a long-fixed K 1.5 Support matter) is confusing.