This update fixes the following security issues:
(bnc#955412, CVE-2015-8213) Possible settings leak in date template filter
(bnc#937522, CVE-2015-5143) Possible denial-of-service in session store
(bnc#937523, CVE-2015-5144) Possible Header injection
(bnc#941587, CVE-2015-5963) Possible denial-of-service by filling session store via logout()