lighttpd: backport a fix for CVE-2022-22707

Backport the fix for CVE-2022-22707, a buffer overflow in mod_extforward.

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>