It was discovered that a directory traversal vulnerability in CherryPy,
a pythonic, object-oriented web development framework, may lead to denial
of service by deleting files through malicious session IDs in cookies.
The old stable distribution (sarge) doesn’t contain python-cherrypy.
For the stable distribution (etch), this problem has been fixed in
version 2.2.1-3etch1.
We recommend that you upgrade your python-cherrypy packages.