In our install we have content created with CKeditor (7.x-1.12) containing images uploaded by Media module (7.x-2.0-unstable7) inside the WYSIWYG editor.
This leads to the full URL to the image getting embedded into the HTML generated by the WYSIWYG editor (which is an unrelated problem in itself, see ).
As such, the URL (saved in the HTML in field_data_fieldname.fieldname_value) is not getting updated when upgrading to Drupal 7.20.
As such, it does not contain the now required "itok=token".
As such, the image is not displayed any more.
Is there any way to solve this problem apart from
a) editing all the links in the database tables
b) disabling the new anti-DOS feature in settings.php