CVE-2010-2951 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2951): dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket during an IPv4 TCP DNS query, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors that trigger an IPv4 DNS response with the TC bit set.
Accoding to http://marc.info/?l=squid-users&m=128263555724981&w=2 this was fixed in squid 3.1.7. Moving to [glsa] with the other squid bugs.
This issue was resolved and addressed in GLSA 201110-24 at http://security.gentoo.org/glsa/glsa-201110-24.xml by GLSA coordinator Tim Sammut (underling).