Gentoo Linux Security Advisory GLSA 200708-03 – CPNI, CERT-FI, Tim Kientzle, and Colin Percival reported a buffer overflow (CVE-2007-3641), an infinite loop (CVE-2007-3644), and a NULL pointer dereference (CVE-2007-3645) within the processing of archives having corrupted PaX extension headers. Versions less than 2.2.4 are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/58388/glsa-200708-03.txt
Source: https://packetstormsecurity.com/files/58388/Gentoo-Linux-Security-Advisory-200708-3.html