Add squid

reviews/github/squid/squid.md

@@ -0,0 +1,47 @@
+---
+Publication-State: Active
+Access: Public
+Reviewers:
+- Name: Joshua "megamansec" Hu
+  Associated-With-Project: False
+  Compensation-Source: External
+Domain: Security
+Methodology:
+- Code-Review
+Issues-Identified: Severe
+Package-URLs:
+- pkg:github/squid-cache/squid
+Review-Date: 2021-06-15
+Scope: Implementation/Full
+Schema-Version: 1.0
+SPDX-License-Identifier: CC-BY-4.0
+---
+
+### Summary
+
+Squid Caching Proxy Security Audit: 55 vulnerabilities and 35 0days
+
+### Details
+
+A brief review found an extremely large number of vulnerabilities in squid, and there is no proactive effort to fix them. "The Squid Team have been helpful and supportive during the process of reporting these issues. However, they are effectively understaffed, and simply do not have the resources to fix the discovered issues. Hammering them with demands to fix the issues won’t get far. ...  If you are running Squid in an environment which may suffer from any of these issues, then it is up to you to reassess whether Squid is the right solution for your system."
+
+### Methodology
+
+No methodology was provided.
+
+### External References
+
+https://megamansec.github.io/Squid-Security-Audit/
+
+### Disclaimer
+
+All security reviews are conducted on a "best-effort" basis against a software
+component at a point in time. We make no guarantee as to the quality or completeness
+of any review. If you believe any content is inaccurate, we encourage you to open
+an issue or submit a pull request with a correction or improvement.
+
+### License
+
+This text is released under at least the
+[Creative Commons Attribution 4.0 (CC-BY-4.0) license](https://creativecommons.org/licenses/by/4.0/legalcode.txt).
+Externally-referenced content may be licensed differently.