The Apache web server version 2.0.55 was released today. The previous 2.0 release was made back in April of this year. 2.0.55 fixes a flaw that was discussed on Slashdot in July. It’s mentioned in their official 2.0.55 announcement.
If a request contains both Transfer-Encoding and Content-Length headers, remove the Content-Length.
proxy_http: Correctly handle the Transfer-Encoding and Content-Length request headers. Discard the request Content-Length whenever chunked T-E is used, always passing one of either C-L or T-E chunked whenever the request includes a request body.