There is an illegal address access in the function _nc_read_entry_source in progs/tic.c in ncurses-bin 6.0 that might lead to a remote denial of service attack.