Okay, so these packages come with more mitigations than 7-Zip on Windows. However, looking at the source code, I am pretty sure they are affected by the same bug.
"Unaffected" was probably the wrong word to use. What I meant is that one of the mitigations (making the executables position-independent) should prevent the bug from being exploitable for remote code execution on Debian.