Buffer overflows and erratic behavior in decompression routines and unpackers are nothing new really, but CERT-FI (Finland) still has added a nice twist by providing a library of "fuzzed" (deliberately and randomly wrong) archive format test files.  www.cert.fi/haavoittuvuudet/joint-advisory-archive-formats.html .  The patches that F-Secure AV released earlier today seem to be related to this issue - but I frankly rather have my AV listed as "affected, patch available" than as "unknown"....