Debian security advisory DSA-1435-1 annouces fix for following issue: # CVE-2007-6336 It was discovered that on off-by-one in the MS-ZIP decompression code may lead to the execution of arbitrary code. http://www.debian.org/security/2007/dsa-1435 Patch for the issue is available in the Gentoo Bugzilla: https://bugs.gentoo.org/show_bug.cgi?id=202762#c4 and is included in upstream version 0.92.
This issue was addressed in: Fedora: https://admin.fedoraproject.org/updates/F7/FEDORA-2008-0170 https://admin.fedoraproject.org/updates/F8/FEDORA-2008-0115