A vulnerability was discovered in squid, an Internet object cache, whereby access control lists based on URLs could be bypassed (CAN-2004-0189). Two other bugs were also fixed with patches squid-2.4.STABLE7-url_escape.patch (a buffer overrun which does not appear to be exploitable) and squid-2.4.STABLE7-url_port.patch (a potential denial of service).
For the stable distribution (woody) these problems have been fixed in version 2.4.6-2woody2.
For the unstable distribution (sid) these problems have been fixed in version 2.5.5-1.
We recommend that you update your squid package.