package/cpio: drop CVE-2021-38185 from IGNORE_CVES

CVE-2021-38185 affects cpio <= 2.13. The mentioned patches were removed in b0306d94 when bumping to 2.14. Signed-off-by: Daniel Lang <dalang@gmx.at> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit 880e03ba75) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-20 06:34:20 +02:00 · 2023-09-20 06:34:20 +02:00 · e1cbd0808b
commit e1cbd0808b
parent 263c07fb96
1 changed files with 0 additions and 4 deletions
--- a/package/cpio/cpio.mk
+++ b/package/cpio/cpio.mk
@ -12,10 +12,6 @@ CPIO_LICENSE = GPL-3.0+
 CPIO_LICENSE_FILES = COPYING
 CPIO_CPE_ID_VENDOR = gnu

-# 0002-Rewrite-dynamic-string-support.patch
-# 0003-Fix-previous-commit.patch
-CPIO_IGNORE_CVES += CVE-2021-38185
-
 # cpio uses argp.h which is not provided by uclibc or musl by default.
 # Use the argp-standalone package to provide this.
 ifeq ($(BR2_PACKAGE_ARGP_STANDALONE),y)