From 1095ae520cf62653f5002d1b2fba72f42fce5afe Mon Sep 17 00:00:00 2001
From: zhuhai
Date: Mon, 8 Aug 2022 16:33:42 +0800
Subject: [PATCH] Fix CVE-2022-2255 change License to Apache-2.0 cve to CVE (cherry picked from commit a3f5478d2cb6c839323d095559f4dc4e6dc43495)
---
CVE-2022-2255.patch | 11 +++++++++++
mod_wsgi.spec | 8 ++++++--
2 files changed, 17 insertions(+), 2 deletions(-)
create mode 100644 CVE-2022-2255.patch
diff --git a/CVE-2022-2255.patch b/CVE-2022-2255.patch
new file mode 100644
index 0000000..30e9014
--- /dev/null
+++ b/CVE-2022-2255.patch
@@ -0,0 +1,11 @@
+diff -Nur mod_wsgi-4.6.4.old/src/server/mod_wsgi.c mod_wsgi-4.6.4/src/server/mod_wsgi.c
+--- mod_wsgi-4.6.4.old/src/server/mod_wsgi.c 2022-08-08 15:27:04.978005420 +0800
++++ mod_wsgi-4.6.4/src/server/mod_wsgi.c 2022-08-08 15:30:20.395491862 +0800
+@@ -13897,6 +13897,7 @@
+ value = apr_table_get(r->subprocess_env, name);
+
+ if (!strcmp(name, "HTTP_X_FORWARDED_FOR") ||
++ !strcmp(name, "HTTP_X_CLIENT_IP") ||
+ !strcmp(name, "HTTP_X_REAL_IP")) {
+
+ match_client_header = 1;
diff --git a/mod_wsgi.spec b/mod_wsgi.spec
index dcc6f06..6e3e9e0 100644
--- a/mod_wsgi.spec
+++ b/mod_wsgi.spec
@@ -6,15 +6,16 @@
 %global sphinxbin %{_bindir}/sphinx-build-3
 Name: mod_wsgi
 Version: 4.6.4
-Release: 2
+Release: 3
 Summary: A WSGI interface for Python web applications in Apache
-License: ASL 2.0
+License: Apache-2.0
 URL: https://modwsgi.readthedocs.io/
 Source0: https://github.com/GrahamDumpleton/mod_wsgi/archive/%{version}.tar.gz#/mod_wsgi-%{version}.tar.gz
 Source1: wsgi-python3.conf
 Patch1: mod_wsgi-4.5.20-exports.patch
 Patch2: Use-official-APIs-for-accessing-interpreter-list.patch
 Patch3: Changed-functions-to-pre-post-actions-when-forking.patch
+Patch4: CVE-2022-2255.patch
 BuildRequires: httpd-devel gcc
 %{?filter_provides_in: %filter_provides_in %{_httpd_moddir}/.*\.so$}
 %{?filter_setup}
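Review bot: The new CVE-2022-2255.patch file carries no description of what it changes or where it comes from, so a later maintainer cannot tell which upstream change it backports or why `HTTP_X_CLIENT_IP` is being added next to `HTTP_X_FORWARDED_FOR` and `HTTP_X_REAL_IP`; add a header above the `diff -Nur` line such as `CVE-2022-2255: treat X-Client-IP like X-Forwarded-For and X-Real-IP so mod_wsgi drops it from the WSGI environ unless the header is explicitly trusted (backport of upstream commit <UPSTREAM-COMMIT-PLACEHOLDER>)`. The inner hunk has only three lines of context and the enclosing function in mod_wsgi.c starts and ends outside it, so confirm that this `match_client_header` comparison is the only place that enumerates client-address header names; if the list is duplicated elsewhere, the untrusted header would still reach the application through that path. The `-Nur` paths carry a one-directory prefix, so Patch4 needs a `-p1` strip when applied; whether the spec does that (`%autosetup -p1` or an explicit `%patch4 -p1`) is outside these hunks.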
@@ -76,6 +77,9 @@ popd
 %{_bindir}/mod_wsgi-express-3
 %changelog
+* Mon Aug 08 2022 zhuhai95 - 4.6.4-3
+- Fix CVE-2022-2255
+
 * Sat Feb 27 2021 zhaorenhai - 4.6.4-2
 - Add configure file
-- Gitee