Apache httpd 2.2.9 was released. It's bugfix release, some bugs are sequrity related.
Steps to Reproduce:
*) SECURITY: CVE-2008-2364 (cve.mitre.org)
mod_proxy_http: Better handling of excessive interim responses
from origin server to prevent potential denial of service and high
memory usage. Reported by Ryujiro Shibuya. [Ruediger Pluem,
Joe Orton, Jim Jagielski]
*) SECURITY: CVE-2007-6420 (cve.mitre.org)
mod_proxy_balancer: Prevent CSRF attacks against the balancer-manager
interface. [Joe Orton]
2.2.9 in cvs, ready for stabilization
Arches, please test and mark stable:
Target keywords : "alpha amd64 arm hppa ia64 ppc ppc64 release s390 sh sparc x86"
Stable for HPPA.
Fixed in release snapshot.