From d40adc7553bc900328afa918f45b6d9e9c3087fb Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Mon, 24 Oct 2011 08:20:35 -0400
Subject: [PATCH] Fixed security hole when cloning repository with TortoiseGit (issue 28)

---
 docs/04_releases.mkd |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/docs/04_releases.mkd b/docs/04_releases.mkd
index bb238bb..68e0908 100644
--- a/docs/04_releases.mkd
+++ b/docs/04_releases.mkd
@@ -3,17 +3,24 @@
 ### Current Release
 **%VERSION%** ([go](http://code.google.com/p/gitblit/downloads/detail?name=%GO%)|[war](http://code.google.com/p/gitblit/downloads/detail?name=%WAR%)|[fedclient](http://code.google.com/p/gitblit/downloads/detail?name=%FEDCLIENT%)|[manager](http://code.google.com/p/gitblit/downloads/detail?name=%MANAGER%)) based on [%JGIT%][jgit] &nbsp; *released %BUILDDATE%*
 
+- **security**: fixed security hole when cloning clone-restricted repository with TortoiseGit (issue 28)
 - improved: updated ui with Twitter's Bootstrap CSS toolkit  
     **New:** *web.loginMessage = gitblit*
+- improved: repositories list performance by caching repository sizes (issue 27)
+- improved: summary page performance by caching metric calculations (issue 25)
 - added: authenticated JSON RPC mechanism   
     **New:** *web.enableRpcServlet = true*  
     **New:** *web.enableRpcAdministration = false*
 - added: reusable JSON RPC client class
 - added: Gitblit Manager (Java/Swing Application) for remote administration of a Gitblit server.
+- added: per-repository setting to skip size calculation (faster repositories page loading)
+- added: per-repository setting to skip summary metrics calculation (faster summary page loading)
 - fixed: federation protocol timestamps.  dates are now serialized to the [iso8601](http://en.wikipedia.org/wiki/ISO_8601) standard.  
     **This breaks 0.6.0 federation clients/servers.**
-- fixed: Gitblit now runs on Servlet 3.0 webservers (e.g. Tomcat 7, Jetty 8)
-- fixed: Set the RSS content type for Firefox 4 (issue 22)
+- fixed: collision on rename for repositories and users
+- fixed: Gitblit can now browse the Linux kernel repository (issue 25)
+- fixed: Gitblit now runs on Servlet 3.0 webservers (e.g. Tomcat 7, Jetty 8) (issue 23)
+- fixed: Set the RSS content type of syndication feeds for Firefox 4 (issue 22)
 - fixed: Null pointer exception if did not set federation strategy (issue 20)
 - fixed: Gitblit GO allows SSL renegotiation if running on Java 1.6.0_22 or later
 - added: IUserService.setup(IStoredSettings) for custom user service implementations

--
Gitblit v1.9.1