[SECURITY]: imported Debian patches to fix CVE-2007-0897 (CAB file DOS),
CVE-2007-0898 (Directory traversal vulnerability) and CVE-2007-0899
(Heap overflow). Fix CVE-for 2007-0897 is not perfect (disables CAB
file parsing completely) but the best I can do atm