Fix CVE-2018-1000097:

https://security-tracker.debian.org/tracker/CVE-2018-1000097
https://nvd.nist.gov/vuln/detail/CVE-2018-1000097

Patch taken from upstream bug report:
https://lists.gnu.org/archive/html/bug-gnu-utils/2018-02/msg00005.html

diff --git a/src/unshar.c b/src/unshar.c
index 80bc3a9..0fc3773 100644
--- a/src/unshar.c
+++ b/src/unshar.c
@@ -240,7 +240,7 @@ find_archive (char const * name, FILE * file, off_t start)
       off_t position = ftello (file);
 
       /* Read next line, fail if no more and no previous process.  */
-      if (!fgets (rw_buffer, BUFSIZ, file))
+      if (!fgets (rw_buffer, rw_base_size, file))
 	{
 	  if (!start)
 	    error (0, 0, _("Found no shell commands in %s"), name);
szko' selected='selected'>koszko</option>
<option value='koszko-scripts'>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>refs</a><a class='active' href='/guix/log/etc/substitutes'>log</a><a href='/guix/tree/etc/substitutes?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>tree</a><a href='/guix/commit/etc/substitutes?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>commit</a><a href='/guix/diff/etc/substitutes?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/etc/substitutes'>
<input type='hidden' name='id' value='26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>root</a>/<a href='/guix/log/etc?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>etc</a>/<a href='/guix/log/etc/substitutes?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0'>substitutes</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/etc/substitutes?id=26d361b5cfc252b3a43ec8f63bf418ed654e2bc0&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2019-06-29 14:27:22 +0200'>2019-06-29</span></td><td><a href='/guix/commit/etc/substitutes?id=3a8bfebed94ba295432da8304b7ffb4a611ef761'>etc: Remove hydra.gnu.org.pub key.</a><span class='msg-avail'>...</span></td><td>Tobias Geerinckx-Rice</td></tr>
<tr><td><span title='2019-05-01 11:05:47 +0200'>2019-05-01</span></td><td><a href='/guix/commit/etc/substitutes?id=757e633d57a7b994759d69e41dd759a39f1a34ae'>build: Change default substitute server to "ci.guix.gnu.org".</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2018-12-04 10:57:56 +0100'>2018-12-04</span></td><td><a href='/guix/commit/etc/substitutes?id=6a837b6062ab405f6ca6d9c0163836769098d89b'>etc: Add "ci.guix.info.pub" public key file.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2018-11-06 00:04:11 +0100'>2018-11-06</span></td><td><a href='/guix/commit/etc/substitutes?id=aa919fbc890c5438166083f9ff02e4b1968a182b'>maint: Move substitute public keys to etc/substitutes.</a><span class='msg-avail'>...</span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2019-06-29	etc: Remove hydra.gnu.org.pub key....	Tobias Geerinckx-Rice
2019-05-01	build: Change default substitute server to "ci.guix.gnu.org"....	Ludovic Courtès
2018-12-04	etc: Add "ci.guix.info.pub" public key file....	Ludovic Courtès
2018-11-06	maint: Move substitute public keys to etc/substitutes....	Ludovic Courtès