Hmm, so this is only an Apache 2 issue? I'm not sure for which OSes Apache 1 vs. Apache 2 is supported. Here's what I do know:
RH 7.3 - Apache 1.x
RH ES - Apache 2.x
So, the simple fix would be to add:
<IfModule mod_suexec.c>
SuexecUserGroup USER psacln
</IfModule>
to your vhost.conf and vhost_ssl.conf files, replacing "USER" with the actual user name of the owner of virtual host . Once a fix is released you will need to then go through and delete any *.conf file that are no longer needed.
It really amazes me how these simple things ever get by testing. But, having worked in some of the larger software companies, with significant resources dedicated to testing, I know it's not uncommon.