From 15a7dce983931969160b2d3cf3b4fc4e57b28b85 Mon Sep 17 00:00:00 2001
From: zhuhai
Date: Mon, 8 Aug 2022 11:47:56 +0800
Subject: [PATCH 1/2] CVE-2022-2255
---
 cve-2022-2255.patch | 11 +++++++++++
 mod_wsgi.spec | 6 +++++-
 2 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 cve-2022-2255.patch
diff --git a/cve-2022-2255.patch b/cve-2022-2255.patch
new file mode 100644
index 0000000..713316f
--- /dev/null
+++ b/cve-2022-2255.patch
@@ -0,0 +1,11 @@
+diff -Nur mod_wsgi-4.9.1.old/src/server/mod_wsgi.c mod_wsgi-4.9.1/src/server/mod_wsgi.c
+--- mod_wsgi-4.9.1.old/src/server/mod_wsgi.c 2022-08-08 10:12:40.044127804 +0800
++++ mod_wsgi-4.9.1/src/server/mod_wsgi.c 2022-08-08 10:14:21.532845853 +0800
+@@ -14044,6 +14044,7 @@
+ name = ((const char**)trusted_proxy_headers->elts)[i];
+
+ if (!strcmp(name, "HTTP_X_FORWARDED_FOR") ||
++ !strcmp(name, "HTTP_X_CLIENT_IP") ||
+ !strcmp(name, "HTTP_X_REAL_IP")) {
+
+ match_client_header = 1;
diff --git a/mod_wsgi.spec b/mod_wsgi.spec
index 38fb4e2..63daac5 100644
--- a/mod_wsgi.spec
+++ b/mod_wsgi.spec
@@ -6,13 +6,14 @@
 %global sphinxbin %{_bindir}/sphinx-build-3
 Name: mod_wsgi
 Version: 4.9.1
-Release: 1
+Release: 2
 Summary: A WSGI interface for Python web applications in Apache
 License: ASL 2.0
 URL: https://modwsgi.readthedocs.io/
 Source0: https://github.com/GrahamDumpleton/mod_wsgi/archive/refs/tags/%{version}.tar.gz
 Source1: wsgi-python3.conf
 Patch1: mod_wsgi-4.5.20-exports.patch
+Patch2: cve-2022-2255.patch
 BuildRequires: httpd-devel gcc perl
 %{?filter_provides_in: %filter_provides_in %{_httpd_moddir}/.*\.so$}
 %{?filter_setup}
@@ -74,6 +75,9 @@ popd
 %{_bindir}/mod_wsgi-express-3
 %changelog
+* Mon Aug 08 2022 zhuhai95 - 4.9.1-2
+- Fix CVE-2022-2255
+
 * Tue May 17 2022 yangping - 4.9.1-1
 - Update to 4.9.1
-- Gitee
From 63b1a77fefcb56789a6d1942ec00ff6a6f027d15 Mon Sep 17 00:00:00 2001
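Review bot: The added cve-2022-2255.patch has no provenance header: it starts directly at `diff -Nur` between two local trees, so nobody auditing the package later can tell which upstream change it backports or confirm the backport is complete. I would put a short description above the `diff -Nur` line, for example `Backport of the upstream fix for CVE-2022-2255, origin: <upstream-commit-url>` (placeholder, to be filled with the real reference). The inner hunk adds `HTTP_X_CLIENT_IP` only to the `strcmp` chain that sets `match_client_header`; the loop over `trusted_proxy_headers` and its function begin and end outside the hunk, so whether any other list of client-IP headers in mod_wsgi.c needs the same entry has to be checked against the full file.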
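Review bot: `Patch2: cve-2022-2255.patch` is declared here, but no visible hunk changes `%prep`, so the fix is compiled in only if `%prep` already applies every patch automatically (`%autosetup -p1` or `%autopatch -p1`). If the spec applies patches one by one, a `%patch2 -p1` line is missing and release 4.9.1-2 would ship with a changelog entry for CVE-2022-2255 while the module is built unpatched. The `%prep` section is outside these hunks, so this should be confirmed in the full spec or from a build log showing the patch being applied.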
From: zhuhai
Date: Mon, 8 Aug 2022 16:00:29 +0800
Subject: [PATCH 2/2] change License to git Apache-2.0
---
 mod_wsgi.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mod_wsgi.spec b/mod_wsgi.spec
index 63daac5..60d9173 100644
--- a/mod_wsgi.spec
+++ b/mod_wsgi.spec
@@ -8,7 +8,7 @@ Name: mod_wsgi
 Version: 4.9.1
 Release: 2
 Summary: A WSGI interface for Python web applications in Apache
-License: ASL 2.0
+License: Apache-2.0
 URL: https://modwsgi.readthedocs.io/
 Source0: https://github.com/GrahamDumpleton/mod_wsgi/archive/refs/tags/%{version}.tar.gz
 Source1: wsgi-python3.conf
-- Gitee