Users updating should add
log_uses_indirect_client off
to their squid.conf to mitigate CVE-2018-1000027