When zipping multiple files with the execute bit set, and subsequently unzipping them with the "restorepermissions" option, one of the files will have its permissions restored to 666 instead of the correct value. I can't figure out the exact conditions that will trigger this bug, but I've written a testcase based on my actual use. The contents of the files have been deleted, but the bug still triggers.
1) extract restorepermissions_bug.tar.gz to any directory
2) cd to that directory
4) Look at the output. The desired output is that all files should have the same permissions as their sources. But at least one (on my system, regression.sh) will have 666 instead.
zBuild:/tmp/ziptest_source # uname -a
Linux zBuild 22.214.171.124-0.7-xen #1 SMP 2010-12-13 11:13:53 +0100 x86_64 x86_64 x86_64 GNU/Linux
zBuild:/tmp/ziptest_source # staf local misc version
zBuild:/tmp/ziptest_source # staf local zip version