Debian Linux Security Advisory 3743-1 – It was discovered that bottle, a WSGI-framework for the Python programming language, did not properly filter “rn” sequences when handling redirections. This allowed an attacker to perform CRLF attacks such as HTTP header injection.