This update for curl fixes the following issues: - An application that performs multiple requests with libcurl"s multi API and sets the "CURLOPT_CONNECT_ONLY" option, might in rare circumstances experience that when subsequently using the setup connect-only transfer, libcurl will pick and use the wrong connection and instead pick another one the application has created since then. [bsc#1175109, CVE-2020-8231]