File CVE-2022-2255.patch of Package apache2-mod_wsgi.26275

From af3c0c2736bc0b0b01fa0f0aad3c904b7fa9c751 Mon Sep 17 00:00:00 2001
From: Graham Dumpleton <Graham.Dumpleton@gmail.com>
Date: Mon, 18 Jul 2022 12:29:38 +1000
Subject: [PATCH] Add fix to ensure that X-Client-IP header is dropped when is
 not a trusted header.

---
 src/server/mod_wsgi.c | 1 +
 1 file changed, 1 insertion(+)

Index: mod_wsgi-4.5.18/src/server/mod_wsgi.c
===================================================================
--- mod_wsgi-4.5.18.orig/src/server/mod_wsgi.c
+++ mod_wsgi-4.5.18/src/server/mod_wsgi.c
@@ -13643,6 +13643,7 @@ static void wsgi_process_proxy_headers(r
             value = apr_table_get(r->subprocess_env, name);
 
             if (!strcmp(name, "HTTP_X_FORWARDED_FOR") ||
+                     !strcmp(name, "HTTP_X_CLIENT_IP") ||
                      !strcmp(name, "HTTP_X_REAL_IP")) {
 
                 match_client_header = 1;