diff -r 6641e941ef1e -r ff1a9aa48cfd app/django/template/loaders/filesystem.py
--- a/app/django/template/loaders/filesystem.py	Tue Oct 14 12:36:55 2008 +0000
+++ b/app/django/template/loaders/filesystem.py	Tue Oct 14 16:00:59 2008 +0000
@@ -7,13 +7,23 @@
 from django.utils._os import safe_join
 
 def get_template_sources(template_name, template_dirs=None):
+    """
+    Returns the absolute paths to "template_name", when appended to each
+    directory in "template_dirs". Any paths that don't lie inside one of the
+    template dirs are excluded from the result set, for security reasons.
+    """
     if not template_dirs:
         template_dirs = settings.TEMPLATE_DIRS
     for template_dir in template_dirs:
         try:
             yield safe_join(template_dir, template_name)
+        except UnicodeDecodeError:
+            # The template dir name was a bytestring that wasn't valid UTF-8.
+            raise
         except ValueError:
-            # The joined path was located outside of template_dir.
+            # The joined path was located outside of this particular
+            # template_dir (it might be inside another one, so this isn't
+            # fatal).
             pass
 
 def load_template_source(template_name, template_dirs=None):