The version don't match and only the Jenkins plugin is affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 524acf0542)
Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE))
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Vulnerability in the MySQL Client product of Oracle MySQL (component:
Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41,
8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Client. Successful attacks of this vulnerability can result in
unauthorized access to critical data or complete access to all MySQL Client
accessible data as well as unauthorized update, insert or delete access to
some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality
and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-30722
Upstream-patch:
https://github.com/MariaDB/server/commit/6aa860be27480db134a3c71065b9b47d15b72674
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
python3-gunicorn depends on python3-geventlet. geventlet has made some
breaking changes (which is part of meta-oe/kirkstone), however gunicorn
wasn't adapted to this, and it broke some features (at least ptests).
This patch backports the change that adapts gunicorn to the used version
of geventlet.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
1. Add missing ptest dependency (pytest-subtest)
2. The testsuite is installed in both the site-packages and ${PTEST_PATH}
folders, however some dependencies are only available in the site-packages
folder, so many test cases fail.
At this point of the branch lifecycle I decided not to refactor the recipe, but
rather to just use the installation in the site-packages dir to run the
tests (switch to that folder in the run-ptest script)
3. Fix the run-ptest script to output PASS/FAIL status.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The application ships with a self signed certificate as part of the test suite.
Unfortunately this certificate has expired in 2021, and since then the tests
refuse to use it, they just fail.
Upstream has fixed this issue by refactoring these tests[1] not to use a vendored
certificate, but rather to use the "python3-trustme" module - however this
is not part of Kirkstone meta-oe, so that patch cannot be used.
Due to this, disable these particular test cases.
[1]: https://github.com/requests/toolbelt/commit/b93b4067ea1ded1e33959920ae5ff4163fdd6939
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The tests require the library to be present in the folder of test execution,
otherwise many of them fail.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
libxml has derecated the "xmlSetFeature" call, and hid is behind a special
config flag (--with-legacy), which is not used by default in oe-core.
This makes compilation fail, when "esi" PACKAGECONFIG is enabled:
Libxml2Parser.cc:94:5: error: 'xmlSetFeature' was not declared in this scope; did you mean 'xmlHasFeature'?
This backported patch fixes this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This removes false positive CVE-2024-21485 from cve reports.
$ sqlite3 nvdcve_2-2.db
sqlite> select * from products where product = 'dash';
CVE-2009-0854|dash|dash|0.5.4|=||
CVE-2024-21485|plotly|dash|||2.13.0|<
CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|<
Our dash:dash did not reach major version 1 yet.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e1427013e0)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The vendored argon library comes with Apache-2.0 or CC0
license, which hasn't been indicated in the license variable.
This change fixes this.
Reported-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
oe-core currently ships with Python 3.10.18.
Python 3.10.17 has introduced a change in urlparse library, regarding how
brackets are handled by urllib.parse.urlsplit() and urlparse() functions
(which makes it more conformant to the specification).
This has caused a regression in yarl: some tests have failed, and it also
revealed a bug in how yarl treates brackets.
This backported patch corrects this behavior, making it compatible once
again with the current Python version - and it also allows the the ptests
to pass once again.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
1. Some tests require internet access. Set a DNS for that, if it is not
available at the start of the test.
2. Added a backported patch that fixes some failing tests, due to a
variable header value contained in a response. (fix-failing-ptest.patch)
3. Added a backported patch that avoids calling pytest fixtures directly.
If not applied, tests calling them are marked as failing by pytest.
(fix-direct-calls-to-test-fixtures.patch)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The current script doesn't execute any tests. This patch fixes the
run-ptest script.
This is mostly a backport of e183db0c8f.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The run-ptest script had incorrect output: instead of PASS/FAIL, it
is outputting OK/FAILED - that cannot be interpreted by the logparser.
This patch sets the correct run-ptest output.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Setting the RDEPENDS with "=" erased the base dependencies
(notably ${PN} itself) from the list, making the tests fail, unless
the dependencies were installed explicitly.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The recipe inherits the ptest class, however installs no tests nor
run-ptest script.
This change rectifies this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The original content of the ptest package, manette-test, is a helper demo
application (like evtest), and not a test suite. Also, the recipe did not
provide a run-ptest script.
Fix it by installing the actual tests, and adding a run-ptest script.
Note that the test folder structure looks like a gnome desktop test suite
(and the application is under the gnome umbrella), however the project
doesn't provide all necessary scaffolding for gnome-desktop-test to work, so
the tests are executed directly from the run-ptest script.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Some files are not installed with the testsuite, making it fail.
Both of these were fixed upstream, however only one patch applies cleanly.
The other is fixed with a single "install" command.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The test cases in jemalloc require the appropriate value to be exported
to MALLOC_CONF, which is stored in shell scripts.
The privious script just ran the test cases without exporting value, causing
the tests to fail.
Include the missing shell scripts, and source them before running the test
cases now.
Signed-off-by: Wentao Zhang <wentao.zhang@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit b3274b4e90)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
All the ptest cases are failed since error "+++ Can't Determine Endianness",
update the regex for matching the endianness to fix this issue.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 6de9b46cc7)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The run-ptest script was trying to call test_align executable, which
doesn't exist (anymore?).
Instead align more to master branch, and execute the selftests themselves.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Ninette Adhikari
Peter Marko
Gyorgy Sarvari
Alexandre Truong
Divya Chellam
Praveen Kumar
Vijay Anusuri
Derek Straka
Khem Raj
Wentao Zhang
Changqing Li