The specific version of Squid that the system is running is reportedly affected by the following vulnerabilities:
Squid contains a flaw in esi/Esi.cc that is triggered as input is not properly validated when handling ESI responses. This may allow a remote attacker to disclose the server stack layout. (CVE-2016-4053)
Squid contains an overflow condition in esi/Esi.cc that is triggered as user-supplied input is not properly validated when handling ESI responses. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2016-4054)
Squid contains an assertion flaw in esi/Esi.cc that is triggered as input is not properly validated when handling ESI responses. This may allow a remote attacker to terminate the service. (CVE-2016-4052)
Squid contains an overflow condition that is triggered as user-supplied input is not properly validated when processing the length of content lines in reports by the cachemgr.cgi tool. This may allow a remote attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code. (CVE-2016-4051)
Binary data 802013.prm
community.ubnt.com/t5/EdgeMAX-Updates-Blog/EdgeMAX-EdgeRouter-software-release-v1-9-0/ba-p/1643332
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054
lists.opensuse.org/opensuse-security-announce/2016-08/msg00010.html
lists.opensuse.org/opensuse-security-announce/2016-08/msg00040.html
seclists.org/bugtraq/2016/Jul/104
seclists.org/oss-sec/2016/q2/117
www.squid-cache.org/
www.squid-cache.org/Advisories/SQUID-2016_5.txt
www.squid-cache.org/Advisories/SQUID-2016_6.txt
www.ubuntu.com/usn/usn-2995-1/
bugs.debian.org/cgi-bin/bugreport.cgi?bug=823968
bugzilla.redhat.com/show_bug.cgi?id=1359203
www.debian.org/security/2016/dsa-3625