1. Add a patch to fix an incorrect and failing test
2. Add missing dependencies and test files
3. Enable network in run-ptest script by adding a nameserver
4. Start mongodb from run-ptest script, if it wouldn't be running.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Though tzdata is present in almost all images, some of them are lacking it:
most notably minimal ptest images. mongodb relies on tzdata, otherwise it
doesn't even start up. To ensure that mongodb can be started up
successfully, explicitly add tzdata to its dependencies.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Add missing dependencies.
Also, fixing the tests have surfaced an actual bug: the module
expects unversioned perl library to be present on the system
(or at least present in Perl's $Config{libperl}), however the
OE Perl build has a versioned library, which causes final linking
to fail.
A patch to correct this is part of this change, and it has been
submitted upstream also.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Disable host key checking during tests, so the test can be executed without
human intervention. Also add missing dependency.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
- Detect active network interface to use, instead of asking user, this needs
to run in automation
- Find the location of ppp_null.so with find instead of rpm, rpm is a distro choice
it can be assumed to be always there.
- Add missing runtime deps for ptests
- Kill openl2tpd started by run-ptest script before exiting, otherwise
ptest runner hangs forever.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit d30427f475)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The version don't match and only the Jenkins plugin is affected.
Signed-off-by: Ninette Adhikari <ninette@thehoodiefirm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit 524acf0542)
Adapted to Kirkstone (CVE_STATUS -> CVE_CHECK_IGNORE))
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Vulnerability in the MySQL Client product of Oracle MySQL (component:
Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41,
8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low
privileged attacker with network access via multiple protocols to compromise
MySQL Client. Successful attacks of this vulnerability can result in
unauthorized access to critical data or complete access to all MySQL Client
accessible data as well as unauthorized update, insert or delete access to
some of MySQL Client accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality
and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N).
Reference:
https://security-tracker.debian.org/tracker/CVE-2025-30722
Upstream-patch:
https://github.com/MariaDB/server/commit/6aa860be27480db134a3c71065b9b47d15b72674
Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
python3-gunicorn depends on python3-geventlet. geventlet has made some
breaking changes (which is part of meta-oe/kirkstone), however gunicorn
wasn't adapted to this, and it broke some features (at least ptests).
This patch backports the change that adapts gunicorn to the used version
of geventlet.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
1. Add missing ptest dependency (pytest-subtest)
2. The testsuite is installed in both the site-packages and ${PTEST_PATH}
folders, however some dependencies are only available in the site-packages
folder, so many test cases fail.
At this point of the branch lifecycle I decided not to refactor the recipe, but
rather to just use the installation in the site-packages dir to run the
tests (switch to that folder in the run-ptest script)
3. Fix the run-ptest script to output PASS/FAIL status.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The application ships with a self signed certificate as part of the test suite.
Unfortunately this certificate has expired in 2021, and since then the tests
refuse to use it, they just fail.
Upstream has fixed this issue by refactoring these tests[1] not to use a vendored
certificate, but rather to use the "python3-trustme" module - however this
is not part of Kirkstone meta-oe, so that patch cannot be used.
Due to this, disable these particular test cases.
[1]: https://github.com/requests/toolbelt/commit/b93b4067ea1ded1e33959920ae5ff4163fdd6939
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
The tests require the library to be present in the folder of test execution,
otherwise many of them fail.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
libxml has derecated the "xmlSetFeature" call, and hid is behind a special
config flag (--with-legacy), which is not used by default in oe-core.
This makes compilation fail, when "esi" PACKAGECONFIG is enabled:
Libxml2Parser.cc:94:5: error: 'xmlSetFeature' was not declared in this scope; did you mean 'xmlHasFeature'?
This backported patch fixes this.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
This removes false positive CVE-2024-21485 from cve reports.
$ sqlite3 nvdcve_2-2.db
sqlite> select * from products where product = 'dash';
CVE-2009-0854|dash|dash|0.5.4|=||
CVE-2024-21485|plotly|dash|||2.13.0|<
CVE-2024-21485|plotly|dash|2.14.0|>=|2.15.0|<
Our dash:dash did not reach major version 1 yet.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
(cherry picked from commit e1427013e0)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Gyorgy Sarvari
Khem Raj
Zhang Peng
Ninette Adhikari
Peter Marko
Alexandre Truong
Divya Chellam
Praveen Kumar
Vijay Anusuri