BUG: Version 3.5.27-1ubuntu1.7 breaks config using icap

I was about to read code for latest 2 included patches and @ahasenack warned me about:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=965012

with current status:

"""
Hello Andreas,

thanks for your patience. I believe I have found the underlying problem.
It is a parsing issue in src/adaptation/icap/ModXact.cc and HttpMsg.cc.

2020/07/28 09:55:14.614 kid1| 58,3| HttpMsg.cc(184) parse:
HttpMsg::parse: cannot parse isolated headers in 'OPTIONS
icap://127.0.0.1:1344/virus_scan ICAP/1.0

To fix CVE-2019-12523 the urlParse function had to be updated to use the
new SBuf API for better access checks. However at one point in time
upstream did no longer used this function to parse icap headers and
simply copied an already known url. I have attached the
CVE-2019-12523.patch. You can just replace it with the old one. If
everything works as expected I will upload this change as +deb9u3 shortly.

Regards,

Markus
"""

This bug was fixed in the package squid3 - 3.5.12-1ubuntu7.13

---------------
squid3 (3.5.12-1ubuntu7.13) xenial-security; urgency=medium

  * SECURITY REGRESSION: regression when parsing icap and ecap protocols
    (LP: #1890265)
    - debian/patches/CVE-2019-12523-bug965012.patch
  * Thanks to Markus Koschany for the regression fix!

 -- Marc Deslauriers <email address hidden> Wed, 26 Aug 2020 06:46:39 -0400

This bug was fixed in the package squid3 - 3.5.27-1ubuntu1.8

---------------
squid3 (3.5.27-1ubuntu1.8) bionic-security; urgency=medium

  * SECURITY REGRESSION: regression when parsing icap and ecap protocols
    (LP: #1890265)
    - debian/patches/CVE-2019-12523-bug965012.patch
  * Thanks to Markus Koschany for the regression fix!

 -- Marc Deslauriers <email address hidden> Tue, 25 Aug 2020 13:12:13 -0400