id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
24239	Possible problem in CVE-2015-0219 fix for 1.4.x	Raphaël Hertzog	nobody	"Looking at https://github.com/django/django/commit/4f6fffc1dc429f1ad428ecf8e6620739e8837450 you will see that the commit adds a get_environ() method to the WSGIRequestHandler class.

But in fact, the class already has such a method, so this change effectively replaces the initial get_environ() implementation with another one that relies on ancestors providing the bulk of the code while the original implementation does everything alone.

I would have expected this to blow up in some interesting ways... I'm not using 1.4 myself so I haven't verified. I discovered this while trying to backport this patch for an even older version of Django (1.2 in Debian Squeeze)."	Bug	closed	HTTP handling	1.4	Normal	duplicate		carl@…	Accepted	1	0	0	0	0	0