Gentoo Security Advisory GLSA 200403-11 (Squid)

The remote host is missing updates announced in advisory GLSA 200403-11.
Squid can be updated as follows: # emerge sync # emerge -pv '>=www-proxy/squid-2.5.5' # emerge '>=www-proxy/squid-2.5.5'
Squid versions 2.0 through to 2.5.STABLE4 could allow a remote attacker to bypass Access Control Lists by sending a specially-crafted URL request containing '%00': in such circumstances the url_regex ACL may not properly detect the malicious URL, allowing the attacker to effectively bypass the ACL.