A new Debian Linux update has been published: DLA 3111-1: mod-wsgi security update
A mod-wsgi security update has been released for Debian GNU/Linux 10 to address an issue where a request from an untrusted proxy does not remove the X-Client-IP header and thus allowing this header to be passed to the target WSGI application.Read more @ Linux Compatible