A flaw was found in Squid. A buffer over-read in the ConfigParser::UnQuote function in the src/ConfigParser.cc file can be triggered when a specially crafted configuration file is being parsed by Squid when it’s initializing, causing an application crash.
Do not use untrusted Squid configuration files.