Squid security advisory 2009:2 reports:
Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when processing specially crafted responses. These problems allow any trusted client or external server to perform a denial of service attack on the Squid service.
Squid-2.x releases are not affected.