gh-146581: Fix vulnerability in shutil.unpack_archive() for ZIP files on Windows (GH-146591)

Use ZipFile.extractall() to sanitize file names and extract files.

Files with invalid names (e.g. absolute paths) are now skipped.

Files containing ".." in the name are no longer skipped.