File httpd-2.2.x-CVE-2011-3348-mod_proxy_ajp.patch of Package apache2
diff -rNU 20 ../httpd-2.2.12-o/modules/proxy/mod_proxy_ajp.c ./modules/proxy/mod_proxy_ajp.c
--- ../httpd-2.2.12-o/modules/proxy/mod_proxy_ajp.c 2011-10-07 14:35:30.000000000 +0200
+++ ./modules/proxy/mod_proxy_ajp.c 2011-10-07 15:04:51.000000000 +0200
@@ -196,41 +196,43 @@
if (maxsize > AJP_MAX_BUFFER_SZ)
maxsize = AJP_MAX_BUFFER_SZ;
else if (maxsize < AJP_MSG_BUFFER_SZ)
maxsize = AJP_MSG_BUFFER_SZ;
maxsize = APR_ALIGN(maxsize, 1024);
/*
* Send the AJP request to the remote server
*/
/* send request headers */
status = ajp_send_header(conn->sock, r, maxsize, uri);
if (status != APR_SUCCESS) {
conn->close++;
ap_log_error(APLOG_MARK, APLOG_ERR, status, r->server,
"proxy: AJP: request failed to %pI (%s)",
conn->worker->cp->addr,
conn->worker->hostname);
if (status == AJP_EOVERFLOW)
return HTTP_BAD_REQUEST;
- else {
+ else if (status == AJP_EBAD_METHOD) {
+ return HTTP_NOT_IMPLEMENTED;
+ } else {
/*
* This is only non fatal when the method is idempotent. In this
* case we can dare to retry it with a different worker if we are
* a balancer member.
*/
if (is_idempotent(r) == METHOD_IDEMPOTENT) {
return HTTP_SERVICE_UNAVAILABLE;
}
return HTTP_INTERNAL_SERVER_ERROR;
}
}
/* allocate an AJP message to store the data of the buckets */
bufsiz = maxsize;
status = ajp_alloc_data_msg(r->pool, &buff, &bufsiz, &msg);
if (status != APR_SUCCESS) {
/* We had a failure: Close connection to backend */
conn->close++;
ap_log_error(APLOG_MARK, APLOG_DEBUG, 0, r->server,
"proxy: ajp_alloc_data_msg failed");
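Review bot: The new `AJP_EBAD_METHOD` branch is reached only after `conn->close++` and the `APLOG_ERR` message "proxy: AJP: request failed to %pI (%s)", so a request with an unsupported method still drops the backend connection and is logged as a backend failure, although the fault lies in the client's request. Any client can repeat this at will, which makes the error log misleading when triaging real backend outages. If `ajp_send_header` rejects the method before anything is written to the socket (not visible in this hunk), testing `status == AJP_EBAD_METHOD` ahead of those two statements would avoid both effects. At minimum the branch deserves a why-comment such as `/* unsupported method is a client error: answer 501 so it is not handled as a backend failure */`. The enclosing function begins and ends outside the hunk, so how the caller treats each return code should be confirmed there.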