diff -Naur gzip-1.4-orig//ChangeLog gzip-1.4-pa2//ChangeLog
--- gzip-1.4-orig//ChangeLog	2010-01-20 08:27:57.000000000 -0800
+++ gzip-1.4-pa2//ChangeLog	2011-08-27 15:46:12.309151229 -0700
@@ -1,3 +1,7 @@
+2011-11-04  Michael Gray <mikenet@gmail.com>
+	* unzip.c: Fixed CRC and length check bug when extended local header
+	does not contain the optional signature.
+
 2010-01-20  Jim Meyering  <meyering@redhat.com>
 
 	version 1.4
diff -Naur gzip-1.4-orig//unzip.c gzip-1.4-pa2//unzip.c
--- gzip-1.4-orig//unzip.c	2010-01-03 09:26:02.000000000 -0800
+++ gzip-1.4-pa2//unzip.c	2011-08-27 15:27:50.639150775 -0700
@@ -46,7 +46,8 @@
 #define LOCFIL 26               /* offset of file name field length */
 #define LOCEXT 28               /* offset of extra field length */
 #define LOCHDR 30               /* size of local header, including sig */
-#define EXTHDR 16               /* size of extended local header, inc sig */
+#define EXTHDR 12               /* size of extended local header, excl sig */
+#define EXTHDRSIG 4             /* size of optional extended local header sig */
 #define RAND_HEAD_LEN  12       /* length of encryption random header */
 
 
@@ -113,7 +114,8 @@
     int in, out;   /* input and output file descriptors */
 {
     ulg orig_crc = 0;       /* original crc */
-    ulg orig_len = 0;       /* original uncompressed length */
+    ulg orig_ulen = 0;      /* original uncompressed length */
+    ulg orig_clen = 0;      /* original compressed length */
     int n;
     uch buf[EXTHDR];        /* extended local header */
     int err = OK;
@@ -125,7 +127,7 @@
 
     if (pkzip && !ext_header) {  /* crc and length at the end otherwise */
 	orig_crc = LG(inbuf + LOCCRC);
-	orig_len = LG(inbuf + LOCLEN);
+	orig_ulen = LG(inbuf + LOCLEN);
     }
 
     /* Decompress */
@@ -166,10 +168,10 @@
 	    buf[n] = (uch)get_byte(); /* may cause an error if EOF */
 	}
 	orig_crc = LG(buf);
-	orig_len = LG(buf+4);
+	orig_ulen = LG(buf+4);
 
     } else if (ext_header) {  /* If extended header, check it */
-	/* signature - 4bytes: 0x50 0x4b 0x07 0x08
+	/* signature - 4bytes: 0x50 0x4b 0x07 0x08 (optional)
 	 * CRC-32 value
          * compressed size 4-bytes
          * uncompressed size 4-bytes
@@ -177,8 +179,29 @@
 	for (n = 0; n < EXTHDR; n++) {
 	    buf[n] = (uch)get_byte(); /* may cause an error if EOF */
 	}
-	orig_crc = LG(buf+4);
-	orig_len = LG(buf+12);
+	orig_crc = LG(buf);
+	orig_clen = LG(buf+4);
+	orig_ulen = LG(buf+8);
+    
+	/* Try out the CRC and len assuming no signature 
+	 * as the signature value could be a valid CRC that
+	 * we shouldn't skip over!
+	 */
+	if (orig_crc != updcrc(outbuf, 0) || 
+	      orig_ulen != (ulg)(bytes_out & 0xffffffff)) {
+	  /* Check for the optional signature */
+	    if(orig_crc == 0x08074b50UL) {
+	      /* Signature match, read in rest of header and shift
+	       * already read values to skip the signature
+	       */
+	      for (n = 0; n < EXTHDRSIG; n++) {
+	        buf[n] = (uch)get_byte(); /* may cause an error if EOF */
+	      }
+	      orig_crc = orig_clen;
+	      orig_clen = orig_ulen;
+	      orig_ulen = LG(buf);
+	    }
+	}
     }
 
     /* Validate decompression */
@@ -187,7 +210,7 @@
 		program_name, ifname);
 	err = ERROR;
     }
-    if (orig_len != (ulg)(bytes_out & 0xffffffff)) {
+    if (orig_ulen != (ulg)(bytes_out & 0xffffffff)) {
 	fprintf(stderr, "\n%s: %s: invalid compressed data--length error\n",
 		program_name, ifname);
 	err = ERROR;