[Buildroot] [PATCH] package/tar: drop CVE-2007-4476 from IGNORE_CVES

[Buildroot] [PATCH] package/tar: drop CVE-2007-4476 from IGNORE_CVES

[Daniel Lang]

As off 2021-05-17 NVD added 1.19 as the first version that isn't
affected by CVE-2007-4476.

Signed-off-by: Daniel Lang <dalang@gmx.at>
---
 package/tar/tar.mk | 2 --
 1 file changed, 2 deletions(-)

diff --git a/package/tar/tar.mk b/package/tar/tar.mk
index 80d7495b00..690a5952ba 100644
--- a/package/tar/tar.mk
+++ b/package/tar/tar.mk
@@ -13,8 +13,6 @@ TAR_CONF_OPTS = --exec-prefix=/
 TAR_LICENSE = GPL-3.0+
 TAR_LICENSE_FILES = COPYING
 TAR_CPE_ID_VENDOR = gnu
-# only tar <= 1.16
-TAR_IGNORE_CVES += CVE-2007-4476
 
 ifeq ($(BR2_PACKAGE_ACL),y)
 TAR_DEPENDENCIES += acl
-- 
2.42.0

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH] package/tar: drop CVE-2007-4476 from IGNORE_CVES

[Thomas Petazzoni via buildroot]

On Thu, 21 Sep 2023 06:19:54 +0200
Daniel Lang <dalang@gmx.at> wrote:

> As off 2021-05-17 NVD added 1.19 as the first version that isn't
> affected by CVE-2007-4476.
> 
> Signed-off-by: Daniel Lang <dalang@gmx.at>
> ---
>  package/tar/tar.mk | 2 --
>  1 file changed, 2 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

Re: [Buildroot] [PATCH] package/tar: drop CVE-2007-4476 from IGNORE_CVES

[Peter Korsgaard]

>>>>> "Daniel" == Daniel Lang <dalang@gmx.at> writes:

 > As off 2021-05-17 NVD added 1.19 as the first version that isn't
 > affected by CVE-2007-4476.

 > Signed-off-by: Daniel Lang <dalang@gmx.at>

Committed to 2023.02.x, 2023.05.x and 2023.08.x, thanks.

-- 
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot