system/unzip: change upstream to Debian (#123)

Debian's patches close several CVEs, including a few of which I wasn't
even aware. They also include the patches we were already carrying:

These were plucked directly from Debian so the names are the same:
10-unzip-handle-pkware-verify.patch
20-unzip-uidgid-fix.patch

Our unzip-6.0-heap-overflow-infloop.patch is covered by Debian's:
14-cve-2015-7696.patch
15-cve-2015-7697.patch
16-fix-integer-underflow-csiz-decrypted.patch

1 files changed, 0 insertions, 21 deletions

diff --git a/system/unzip/10-unzip-handle-pkware-verify.patch b/system/unzip/10-unzip-handle-pkware-verify.patch
deleted file mode 100644
index b373ce07d..000000000
--- a/system/unzip/10-unzip-handle-pkware-verify.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-From: Steven Schweda
-Subject: Handle the PKWare verification bit of internal attributes
-Bug-Debian: http://bugs.debian.org/630078
-X-Debian-version: 6.0-5
-
---- a/process.c
-+++ b/process.c
-@@ -1729,6 +1729,13 @@
-     else if (uO.L_flag > 1)   /* let -LL force lower case for all names */
-         G.pInfo->lcflag = 1;
- 
-+    /* Handle the PKWare verification bit, bit 2 (0x0004) of internal
-+       attributes.  If this is set, then a verification checksum is in the
-+       first 3 bytes of the external attributes.  In this case all we can use
-+       for setting file attributes is the last external attributes byte. */
-+    if (G.crec.internal_file_attributes & 0x0004)
-+      G.crec.external_file_attributes &= (ulg)0xff;
-+
-     /* do Amigas (AMIGA_) also have volume labels? */
-     if (IS_VOLID(G.crec.external_file_attributes) &&
-         (G.pInfo->hostnum == FS_FAT_ || G.pInfo->hostnum == FS_HPFS_ ||