The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix: * curl: NTLM type-2 heap out-of-bounds buffer read * wget: Information exposure in set_file_metadata function in xattr.c * curl: NTLMv2 type-3 header stack buffer overflow * curl: SMTP end-of-response out-of-bounds read For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.1 Release Notes linked from the References section.