Merge branch 'mm/push-social-engineering-attack-doc' into maint

Doc update on fetching and pushing.

* mm/push-social-engineering-attack-doc:
doc: mention transfer data leaks in more places

diff --cc Documentation/config.txt
index febf95d6c663d723a66a30d936bd49b1a02b467a,780fbdf41cbafa041f6b561bc7a6c328e6c7cbd1..9705b94b229c348cb806da54ad778acc84164acd
--- 1/Documentation/config.txt
--- 2/Documentation/config.txt
+++ b/Documentation/config.txt
@@@ -2969,13 -2824,11 +2977,16 @@@ uploadpack.allowReachableSHA1InWant:
        Allow `upload-pack` to accept a fetch request that asks for an
        object that is reachable from any ref tip. However, note that
        calculating object reachability is computationally expensive.
-       Defaults to `false`.
+       Defaults to `false`.  Even if this is false, a client may be able
+       to steal objects via the techniques described in the "SECURITY"
+       section of the linkgit:gitnamespaces[7] man page; it's best to
+       keep private data in a separate repository.
  
 +uploadpack.allowAnySHA1InWant::
 +      Allow `upload-pack` to accept a fetch request that asks for any
 +      object at all.
 +      Defaults to `false`.
 +
  uploadpack.keepAlive::
        When `upload-pack` has started `pack-objects`, there may be a
        quiet period while `pack-objects` prepares the pack. Normally

diff --cc Documentation/git-fetch.txt
Simple merge

diff --cc Documentation/git-pull.txt
Simple merge

diff --cc Documentation/git-push.txt
Simple merge