An update that solves two vulnerabilities and has one errata is now available.
This update for curl fixes the following security issues:
- CVE-2018-1000120: Prevent buffer overflow in the FTP URL handling that allowed an attacker to cause a denial of service (bsc#1084521). - CVE-2018-14618: Prevent integer overflow in the NTLM authentication code (bsc#1106019)
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: