File apache2-CVE-2024-38476-10.patch of Package apache2.35278
--- a/server/config.c 2024/06/24 17:52:31 1918559 +++ b/server/config.c 2024/06/24 17:54:34 1918560 @@ -418,7 +418,7 @@ } if (!r->handler) { - if (r->content_type) { + if (r->content_type && AP_REQUEST_IS_TRUSTED_CT(r)) { handler = r->content_type; if ((p=ap_strchr_c(handler, ';')) != NULL) { char *new_handler = (char *)apr_pmemdup(r->pool, handler,