The link you provided refers to an issue with proxy certificates for SSL interception. This feature is disabled in Debian squid3 package due to licensing issues with OpenSSL, thus this is not a bug in Debian squid3 packages.
The only way this bug could affect a Debian user would be if the user had recompiled squid3 with OpenSSL supporto. I’m sure you understand that we cannot provide support for any custom built package.
Is there any other security issue in Debian squid3 package that you are aware of?
Squid3 in Debian is in very good shape because Amos Jeffrey, one of the upstream developers is directly involved in packaging squid3 for Debian and is doing an excellent job keeping up with upstream fixes.