Resolved issues in Patch 4

CollabNet TeamForge 5.2 Patch 4 resolves these issues.

ID Description
artf43038 ViewVC ran slower after upgrade to 5.2. Significant improvements have been made to address performance issues.
artf43271 Fixed potential security issues involving cross-site scripting (XSS).
artf48607 Disabled the TRACE and TRACK HTTP methods to address a security vulnerability.
artf49878 Some queries can cause excessive loads on the JVM.
artf49953 Deflate settings can still cause improper handling of .tgz files in some versions of Firefox. It works well with IE.
artf50086 Fixed the Subversion PBP authorizer for Apache to properly handle COPY/MOVE requests.
artf50283 Security: Closed a possible loophole whereby a hacker might point the victim to a malicious site on redirects by tampering with the HOST request header. Any such attempts now force a redirect to the default page.
artf50286 For sites that want only session cookies and not persistent cookies, the SESSION_COOKIES_ONLY variable has been added to the configuration options.
artf50520 A bug was fixed where SOAP session key usage in Velocity templates was restricted to API tool versions, e.g. $API43, $API44, $API50. Now a valid SOAP session key is made to work non-transparently with all the API tools, irrespective of their versions, in Velocity templates.
artf50523 The log contents and format have been revised to match legacy behavior for BTF sites. A separate log4j.xml config is available for hosted sites.
artf50566 Fixed a Tomcat security information disclosure by removing the version string from HTTP error messages.
artf50593 When a user clicks the "Remove from Blacklist" button on a blacklisted user, the button does not go away upon page refresh.