unzip is vulnerable to denial of service. The checksum of the extra fields of a file is not properly computed, which results in a buffer overflow when a malicious zip archive is processed with -t
option, allowing a remote attacker to crash the application.
www.ocert.org/advisories/ocert-2014-011.html
www.securitytracker.com/id/1031433
access.redhat.com/errata/RHSA-2015:0700
access.redhat.com/security/cve/CVE-2014-8139
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1174844
rhn.redhat.com/errata/RHSA-2015-0700.html