package/tar: drop CVE-2007-4476 from IGNORE_CVES

As off 2021-05-17 NVD added 1.19 as the first version that isn't affected by CVE-2007-4476. Signed-off-by: Daniel Lang <dalang@gmx.at> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 487c12a1f2) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-21 06:19:54 +02:00 · 2023-09-21 06:19:54 +02:00 · a1f6dbd031
commit a1f6dbd031
parent d2ed3df411
1 changed files with 0 additions and 2 deletions
--- a/package/tar/tar.mk
+++ b/package/tar/tar.mk
@ -13,8 +13,6 @@ TAR_CONF_OPTS = --exec-prefix=/
 TAR_LICENSE = GPL-3.0+
 TAR_LICENSE_FILES = COPYING
 TAR_CPE_ID_VENDOR = gnu
-# only tar <= 1.16
-TAR_IGNORE_CVES += CVE-2007-4476

 ifeq ($(BR2_PACKAGE_ACL),y)
 TAR_DEPENDENCIES += acl