|From the Debian advisory:
Paul McMillan, Mozilla and the Django core team discovered several
vulnerabilities in Django, a Python web framework:
When using memory-based sessions and caching, Django sessions are
stored directly in the root namespace of the cache. When user data is
stored in the same cache, a remote user may take over a session.
Django's field type URLField by default checks supplied URLs by
issuing a request to them, which doesn't time out. A Denial of Service
is possible by supplying specially prepared URLs that keep the
connection open indefinitely or fill the Django server's memory.
Django used X-Forwarded-Host headers to construct full URLs. This
header may not contain trusted input and could be used to poison the
The CSRF protection mechanism in Django does not properly handle
web-server configurations supporting arbitrary HTTP Host headers,
which allows remote attackers to trigger unauthenticated forged
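The X-Forwarded-Host and Host header issues above both come down to building absolute URLs from a host name the client controls. As an added illustration (not code from the advisory or from Django itself), the following standalone Python shows the shape of the mitigation: believe X-Forwarded-Host only when the TCP peer is a known proxy, and match whatever host results against a fixed allow-list before it goes into a URL. `resolve_host`, `absolute_url`, `TRUSTED_PROXY` and the allow-list values are assumptions of this example.

```python
import re
from ipaddress import ip_address

# Hosts this deployment is willing to answer for (constructed example values).
ALLOWED_HOSTS = {"example.com", "www.example.com"}
# Only honour X-Forwarded-Host when the direct TCP peer is this trusted proxy
# (constructed example address).
TRUSTED_PROXY = ip_address("10.0.0.5")

# A syntactically plain host: DNS name or bracketed IPv6 literal, optional port.
_HOST_RE = re.compile(r"([a-z0-9.-]+|\[[0-9a-f:.]+\])(:\d{1,5})?", re.IGNORECASE)


def resolve_host(headers, peer_ip):
    """Return the host (with port, if any) safe to build absolute URLs with,
    or None if the request-supplied value is not one we serve.

    headers: dict of request headers with lower-cased names.
    peer_ip: address of the direct TCP peer, which decides whether a
             forwarded header may be believed at all.
    """
    forwarded = headers.get("x-forwarded-host")
    if forwarded and ip_address(peer_ip) == TRUSTED_PROXY:
        # A proxy chain joins values with commas; the first is the client-facing host.
        candidate = forwarded.split(",")[0].strip()
    else:
        # Untrusted peers do not get to override Host via X-Forwarded-Host.
        candidate = headers.get("host", "")
    # fullmatch (not match + '$') so a trailing CRLF or injected text never slips by.
    m = _HOST_RE.fullmatch(candidate)
    if m is None:
        return None
    # Compare the bare host name; the allow-list holds no ports.
    if m.group(1).lower() not in ALLOWED_HOSTS:
        return None
    return candidate.lower()


def absolute_url(headers, peer_ip, path, scheme="https"):
    """Build a full URL from a validated host only; refuse rather than poison it."""
    host = resolve_host(headers, peer_ip)
    if host is None:
        raise ValueError("untrusted Host header; refusing to build absolute URL")
    return f"{scheme}://{host}{path}"
```

Anything that embeds the result in mail or a cache key (password-reset links, redirect targets) should go through `absolute_url` rather than reading the header directly.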