yup you heard correctly. they found a bug in Apache that will cause it to get a Denial of Service.

http://httpd.apache.org/info/security_bulletin_20020617.txt

Good find scout, in short (if you're lazy), Users of Apache 1.3 should upgrade to 1.3.26, and users of Apache 2.0 should upgrade to 2.0.39, which contain a fix for this issue.