Apache 2.2.8 has been released, it contains some security fixes and so on, see URL and http://httpd.apache.org/security/vulnerabilities_22.html
Not a security issue, been already fixed in 2.2.6-r7 or earlier in Gentoo. *apache-2.2.6-r7 (07 Jan 2008) 07 Jan 2008; Benedikt Böhm <hollow@gentoo.org> +apache-2.2.6-r7.ebuild: fix #204822, #204408, #204409 and #204410 *apache-2.2.6-r5 (14 Dec 2007) 14 Dec 2007; Benedikt Böhm <hollow@gentoo.org> +files/apache-2.2.6_CVE-2007-5000.patch, +apache-2.2.6-r5.ebuild: fix CVE-2007-5000 (#202327)
in cvs, thanks