Heap-based out-of-bounds write in fileio.c:set_zipfn_sgmnt_name() was found when archive filename does not contain a .zip suffix, possibly causing crash of application.
Name: R. Freingruber (SEC Consult Vulnerability Lab)
This issue did not affect the versions of unzip as shipped with Red Hat Enterprise Linux 5, 6, and 7, as they did not include support for set_zipfn_sgmnt_name function.
Created unzip tracking bugs for this issue:
Affects: fedora-all [bug 1543337]