CVE-2016-4553: Patch for 3.4 and older is now available at <http://www.squid-cache.org/Versions/v3/3.4/changesets/squid-3.4-13240.patch>.
CVE-2016-4554: Additional changes are needed than those initially linked to. see the advisory URL for updated patch links. CVE-2016-4555: Squid-3.1 in wheezy is not affected. CVE-2016-4556: Patch for 3.4 should also apply fairly easily to 3.1, but has not been tested. Also, the severity of this issue is much reduced for Debian since SSL is not enabled. Though it still remains an issue for CDN and reverse-proxy installations. HTH Amos
