From 91780e2e17a8020872c8da2d8941114e098ef2a4 Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Thu, 16 Feb 2012 07:39:48 -0500
Subject: [PATCH] Merge pull request #7 from plm/protect_refs_hook

---
 docs/04_releases.mkd |   15 +++++++++++++++
 1 files changed, 15 insertions(+), 0 deletions(-)

diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index 2d465bc..e82c274 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -4,16 +4,31 @@
 
 **%VERSION%** ([go](http://code.google.com/p/gitblit/downloads/detail?name=%GO%) | [war](http://code.google.com/p/gitblit/downloads/detail?name=%WAR%) | [express](http://code.google.com/p/gitblit/downloads/detail?name=%EXPRESS%) | [fedclient](http://code.google.com/p/gitblit/downloads/detail?name=%FEDCLIENT%) | [manager](http://code.google.com/p/gitblit/downloads/detail?name=%MANAGER%) | [api](http://code.google.com/p/gitblit/downloads/detail?name=%API%)) based on [%JGIT%][jgit] &nbsp; *released %BUILDDATE%*
 
+#### security
+
+- Fixed session fixation vulnerability where the session identifier was not reset during the login process (issue 62)
+
 #### changes
 
+- block pushes to a repository with a working copy (i.e. non-bare repository) (issue-49)
 - web.datetimestampLongFormat from *EEEE, MMMM d, yyyy h:mm a z* to *EEEE, MMMM d, yyyy HH:mm Z* (issue 50)
 
 #### additions
 
+- Added a built-in AJP connector for integrating Gitblit GO into an Apache mod_proxy setup (issue 59)  
+    **New:** *server.ajpPort = 0*
+    **New:** *server.ajpBindInterface = localhost*
+- On the Repositories page show a bang *!* character in the color swatch of a repository with a working copy (issue 49)  
+Push requests to these repositories will be rejected.
+- On all non-bare Repository pages show *WORKING COPY* in the upper right corner (issue 49)
+- New setting to prevent display/serving non-bare repositories  
+    **New:** *git.onlyAccessBareRepositories = false*
 - Allow relinking HEAD to a branch or a tag (Github/plm)
 
 #### fixes 
 
+- Prevent add/edit team with no selected repositories (issue 56) 
+- Disallow browser autocomplete on add/edit user/team/repository pages
 - Fixed username case-sensitivity issues (issue 43)
 - Disregard searching a subfolder if Gitblit does not have filesystem permissions (Github/lemval issue 51)
 

--
Gitblit v1.9.1