package/tar: drop CVE-2007-4476 from IGNORE_CVES

As off 2021-05-17 NVD added 1.19 as the first version that isn't
affected by CVE-2007-4476.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 487c12a1f29140bf61abcf4cc575bd83b1fc933b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/tar/tar.mk

@@ -13,8 +13,6 @@ TAR_CONF_OPTS = --exec-prefix=/
 TAR_LICENSE = GPL-3.0+
 TAR_LICENSE_FILES = COPYING
 TAR_CPE_ID_VENDOR = gnu
-# only tar <= 1.16
-TAR_IGNORE_CVES += CVE-2007-4476
 
 ifeq ($(BR2_PACKAGE_ACL),y)
 TAR_DEPENDENCIES += acl