Disable host key checking during tests, so the test can be executed without
human intervention. Also add missing dependency.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
- Detect active network interface to use, instead of asking user, this needs
to run in automation
- Find the location of ppp_null.so with find instead of rpm, rpm is a distro choice
it can be assumed to be always there.
- Add missing runtime deps for ptests
- Kill openl2tpd started by run-ptest script before exiting, otherwise
ptest runner hangs forever.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d30427f475)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The version don't match and only the Jenkins plugin is affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 524acf0542)
Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE))
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Vulnerability in the MySQL Client product of Oracle MySQL (component:
Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41,
8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Client. Successful attacks of this vulnerability can result in
unauthorized access to critical data or complete access to all MySQL Client
accessible data as well as unauthorized update, insert or delete access to
some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality
and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-30722
Upstream-patch:
https://github.com/MariaDB/server/commit/6aa860be27480db134a3c71065b9b47d15b72674
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
python3-gunicorn depends on python3-geventlet. geventlet has made some
breaking changes (which is part of meta-oe/kirkstone), however gunicorn
wasn't adapted to this, and it broke some features (at least ptests).
This patch backports the change that adapts gunicorn to the used version
of geventlet.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
1. Add missing ptest dependency (pytest-subtest)
2. The testsuite is installed in both the site-packages and ${PTEST_PATH}
folders, however some dependencies are only available in the site-packages
folder, so many test cases fail.
At this point of the branch lifecycle I decided not to refactor the recipe, but
rather to just use the installation in the site-packages dir to run the
tests (switch to that folder in the run-ptest script)
3. Fix the run-ptest script to output PASS/FAIL status.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The application ships with a self signed certificate as part of the test suite.
Unfortunately this certificate has expired in 2021, and since then the tests
refuse to use it, they just fail.
Upstream has fixed this issue by refactoring these tests[1] not to use a vendored
certificate, but rather to use the "python3-trustme" module - however this
is not part of Kirkstone meta-oe, so that patch cannot be used.
Due to this, disable these particular test cases.
[1]: https://github.com/requests/toolbelt/commit/b93b4067ea1ded1e33959920ae5ff4163fdd6939
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The tests require the library to be present in the folder of test execution,
otherwise many of them fail.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
libxml has derecated the "xmlSetFeature" call, and hid is behind a special
config flag (--with-legacy), which is not used by default in oe-core.
This makes compilation fail, when "esi" PACKAGECONFIG is enabled:
Libxml2Parser.cc:94:5: error: 'xmlSetFeature' was not declared in this scope; did you mean 'xmlHasFeature'?
This backported patch fixes this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This removes false positive CVE-2024-21485 from cve reports.
$ sqlite3 nvdcve_2-2.db
sqlite> select * from products where product = 'dash';
CVE-2009-0854|dash|dash|0.5.4|=||
CVE-2024-21485|plotly|dash|||2.13.0|<
CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|<
Our dash:dash did not reach major version 1 yet.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e1427013e0)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The vendored argon library comes with Apache-2.0 or CC0
license, which hasn't been indicated in the license variable.
This change fixes this.
Reported-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
oe-core currently ships with Python 3.10.18.
Python 3.10.17 has introduced a change in urlparse library, regarding how
brackets are handled by urllib.parse.urlsplit() and urlparse() functions
(which makes it more conformant to the specification).
This has caused a regression in yarl: some tests have failed, and it also
revealed a bug in how yarl treates brackets.
This backported patch corrects this behavior, making it compatible once
again with the current Python version - and it also allows the the ptests
to pass once again.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
1. Some tests require internet access. Set a DNS for that, if it is not
available at the start of the test.
2. Added a backported patch that fixes some failing tests, due to a
variable header value contained in a response. (fix-failing-ptest.patch)
3. Added a backported patch that avoids calling pytest fixtures directly.
If not applied, tests calling them are marked as failing by pytest.
(fix-direct-calls-to-test-fixtures.patch)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The current script doesn't execute any tests. This patch fixes the
run-ptest script.
This is mostly a backport of e183db0c8f.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Gyorgy Sarvari
Khem Raj
Zhang Peng
Ninette Adhikari
Peter Marko
Alexandre Truong
Divya Chellam
Praveen Kumar
Vijay Anusuri
Derek Straka