There's a merged pull request on the void-packages repository

unzip: fix CVE-2018-18384.
https://github.com/void-linux/void-packages/pull/17796

Description: