Package: unzip Version: 6.0 Severity: normal I still see this bug in version 6.0 (6.0-26ubuntu3, to be precise).
It's a security issue (because it allows other users on the same machine to
overwrite the extracted files, if they know the file names).
As such:
* It should be treated with severity at least 'normal', per [1].
* Secure behaviour should be the default, not just enabled by an option.
Even if it breaks backward compatibility!
[1] https://www.debian.org/Bugs/Developer.en.html#severities
