Apache 2.0.43 should be released shortly to address this.... http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0840
Fixed in RHSA-2002:222