Here's an update of gnurl to 7.61.1, a simple version bump.
According to curl this CVE was fixed in curl:

https://curl.haxx.se/docs/CVE-2018-14618.html

But I never mention them in my release notes, so if the person
doing the commit wants to add 'CVE-2018-14618', feel free to do so.

-ng0