Description of problem:
The latest version of Apache appears to be afflicted with a bug that allows remote attackers to cause a denial-of-service via multiple calls. This is CVE-2008-1678.
Version-Release number of selected component (if applicable):
RHEL5 has a security advisory and updated packages under RHSA-2009:1075-1. These packages also address the Options bug reported in CVE-2009-1195.
CVE-2008-1678 was fixed in 2.2.9.
2.2.13 updates are being built which will fix CVE-2009-1195 et al.