Apply the 2015 suexec patch for CVE-2016-5387 “httpoxy”. Also remove our inexplicable whitelist entry for HTTPS_* environment variables.