v5.10.2 now has the CVE-2014-7169 patch. Please grab the update file from: /update/
Other changes in v5.10.2
Better handling for device urls
In the earlier versions, you could create duplicate device urls if using the post api call. We have now fixed that behavior to not allow duplicate records. Also, we added a new option to clear out existing duplicate urls. This is available under Tools > Templates & Bulk Operations > Misc Functions.