From: Petr Pisar
Subject: Fix CVE-2018-1000097, heap buffer overflow in unshar
Bug-Debian: https://bugs.debian.org/893525
X-Debian-version: 1:4.15.2-3

--- a/src/unshar.c
+++ b/src/unshar.c
@@ -240,7 +240,7 @@
       off_t position = ftello (file);
 
       /* Read next line, fail if no more and no previous process.  */
-      if (!fgets (rw_buffer, BUFSIZ, file))
+      if (!fgets (rw_buffer, rw_base_size, file))
 	{
 	  if (!start)
 	    error (0, 0, _("Found no shell commands in %s"), name);