De Kunena

Contenido 1 Kunena 1.5.5 Security Release 1.1 Security Fixes 1.2 Known issues 1.3 Downloading Kunena 1.4 Compatibility with Third-party Kunena Templates 1.5 Compatibility with Third-party Kunena Modules 1.6 Installing or Upgrading Kunena 1.7 Credits 1.8 Short Change Log

Kunena 1.5.5 Security Release

The Kunena Team announces the immediate availability of Kunena 1.5.5 . These are important security releases and users are urged to update immediately. One minor and one critical security issue have been resolved in this release. There are no other issues fixed in this release.

Security Fixes

Kunena Forum 1.5.5 contains one high risk security fix:

An exploit has been published which allows blind SQL injection attacks to be made. All previous versions of both Kunena and FireBoard are affected by this bug.

[#17635] Fix Blind SQL Injection Exploit
[#17636] Check that img tags contain allowed file extension

All users of previous FireBoard, JoomlaBoard, and Kunena releases are strongly encouraged to upgrade immediately.

Known issues

While many issues have been resolved, a number of items remain:

- Moderator tools are still incomplete. We disabled the option to split because it might break threads.
- New topics in subforum child forums are not shown on the categories page.
- Entering wrong Capthca code resets message form.
- JomSocial profile links may be pointing to wrong place if there are many JomSocial menu entries.
- JomSocial avatars are not shown in user list.
- Quick Reply changes '>' to '&gt' and '<' to '&lt'.
- If administrator or moderator edits posts, the email address saved in that message gets replaced. 
- Pagination doesn't work in My Messages
- Rank images and smilies won't show up in backend if language is something else than English.

Downloading Kunena

We leverage JoomlaCode as our single public repository for the public SVN.

You can find the SVN source code repository here: SVN

You can find the latest release tarballs here: Packages

Compatibility with Third-party Kunena Templates

Many old templates made for Kunena 1.5.3 will work in Kunena 1.5.5! You should still upgrade your template as soon as there will be version for Kunena 1.5.5 as they will fix bugs which have been fixed in latest default_ex theme.

Please make sure that your theme works in Kunena 1.5.5 before upgrading your live site!

Default (Red, Green and Gray) and all templates based on those are now officially deprecated and will be removed in Kunena 1.6.

Compatibility with Third-party Kunena Modules

All Kunena modules verified to work with Kunena 1.5 should work after upgrading to Kunena 1.5.5.

If you are using third-party Kunena modules, you should test that they will all work with the new Kunena version before upgrading your live site!

Installing or Upgrading Kunena

Be sure your setup matches the minimum Technical Requirements or the install/upgrade process will fail. If it fails, your data will be left untouched.

To install Kunena, make sure you read our Installation Instructions before beginning. To upgrade Kunena from previous versions (including FireBoard), make sure you read the Upgrade Instructions.

The Kunena installer has evolved, been tested, and handles both installs as well as upgrades of existing installs without the need for user intervention or manual SQL execution. It keeps a detailed version log of all versions that have ever been installed on your site in order to be able to perform incremental upgrades as necessary.

We would like to underscore the importance of backups before and after any upgrade process. Never perform an install or upgrade without a full backup.

Credits

In alphabetical order:

• @quila Kunena moderator
• fxstein Kunena developer and admin of the world largest Yamaha Star VMax community at www.starVmax.com
• johnnydement Kunena moderator
• LDA Kunena moderator
• Matias Kunena developer
• Noel Hunter Kunena developer and admin of House Calls Q&A Forum
• Roland76 Kunena developer
• severdia Kunena developer, Joomla Team Member, and admin of PlayShakespeare.com
• Spock Kunena moderator
• whouse Kunena developer
• xillibit Kunena moderator

Special thanks go to Beat and the CB Testing team, Ida and JoniJnm for significant contributions to Kunena. In addition many members of www.Kunena.com have contributed and helped make this a more stable and bugfree version. Our Thanks go out to all contributors of Kunena! Greetings from the global Kunena forum team!

Short Change Log

Legend:

# -> Bug Fix
+ -> Addition
^ -> Change
- -> Removed
! -> Note

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Kunena 1.5.5

Broken features fixed:

* [#17139] XSS vulnerability in BBCode parser
# [#17168] My Profile: Uploading avatar does not work in PHP < 5.2.1