During the summer rumours about a new attack against SSL started circulating (CVE-2011-3389).
As it turns out, the attack itself was conceived years ago, deemed impractical, but it was nevertheless fixed in TLS 1.1. The new attack technique introduced a few optimizations to make it practical.

In terms of mitigation, I expect this problem will be largely addressed on the client side, despite a potential compatibility problem that may cause some TLS sites to stop working.

With this config you can avoid that attack.

SSLProtocol all -SSLv2
SSLHonorCipherOrder On

#NO Longer needed cause since IE 7 this works ;) 
#SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

With OpenSSL 1.0.1 it must be