mod_wsgi/CVE-2022-2255.patch

diff -Nur mod_wsgi-4.6.4.old/src/server/mod_wsgi.c mod_wsgi-4.6.4/src/server/mod_wsgi.c
--- mod_wsgi-4.6.4.old/src/server/mod_wsgi.c	2022-08-02 15:45:40.742342954 +0800
+++ mod_wsgi-4.6.4/src/server/mod_wsgi.c	2022-08-02 15:51:26.380418412 +0800
@@ -13886,6 +13886,7 @@
             value = apr_table_get(r->subprocess_env, name);
 
             if (!strcmp(name, "HTTP_X_FORWARDED_FOR") ||
+		     !strcmp(name, "HTTP_X_CLIENT_IP") ||    
                      !strcmp(name, "HTTP_X_REAL_IP")) {
 
                 match_client_header = 1;
fix cve-2022-2255 cve to CVE (cherry picked from commit 55a125e517cbc95a24c118fd13205c2adf12d39d) 2022-08-03 10:44:28 +08:00			`diff -Nur mod_wsgi-4.6.4.old/src/server/mod_wsgi.c mod_wsgi-4.6.4/src/server/mod_wsgi.c`
			`--- mod_wsgi-4.6.4.old/src/server/mod_wsgi.c 2022-08-02 15:45:40.742342954 +0800`
			`+++ mod_wsgi-4.6.4/src/server/mod_wsgi.c 2022-08-02 15:51:26.380418412 +0800`
			`@@ -13886,6 +13886,7 @@`
			`value = apr_table_get(r->subprocess_env, name);`

			`if (!strcmp(name, "HTTP_X_FORWARDED_FOR") \|\|`
			`+ !strcmp(name, "HTTP_X_CLIENT_IP") \|\|`
			`!strcmp(name, "HTTP_X_REAL_IP")) {`

			`match_client_header = 1;`