Fix security issue connected to extracting .tar.gz archives

This bug allows to write arbitrary file on filesystem when Bower extracts malicious package

Needlessly to say, please upgrade

Assets 2