Build #5

Plan branch:

Build: #5 failed Manual run by Akeem Wells

Build result summary

Details

Completed
Queue duration
7 seconds
Duration
4 minutes
Labels
None
Revisions
Casa6
5c7ff663419900e4d4db774f37f36ad417f2abc6 5c7ff663419900e4d4db774f37f36ad417f2abc6
OPEN-CASA-PKG
4b9064f16a8d185b162391c3ef324299625bd94b 4b9064f16a8d185b162391c3ef324299625bd94b
Total tests
214

Tests

Responsible

No one has taken responsibility for this failure

Code commits

Casa6
Author Commit Message Commit date
Akeem Wells Akeem Wells 5c7ff663419900e4d4db774f37f36ad417f2abc6 5c7ff663419900e4d4db774f37f36ad417f2abc6 Pull request #883: Update to use util find_spec instead of find_loader
Merge in CASA/casa6 from CAS-14470 to master

* commit 'acf17965893895c92835c7cabddf517ca0821f05':
  Update to use util find_spec instead of find_loader
Akeem Wells Akeem Wells acf17965893895c92835c7cabddf517ca0821f05 acf17965893895c92835c7cabddf517ca0821f05 Update to use util find_spec instead of find_loader
Takahiro Tsutsumi Takahiro Tsutsumi c26249c8821163349498583691736439ba09c78f c26249c8821163349498583691736439ba09c78f Pull request #880: Add assertTrue test at the end of test_het_mosaic_mfs_alma_listofms_CAS14350fix
Merge in CASA/casa6 from CAS-14465 to master

* commit 'bc7512a0f92339aa2ee25a7909238b92e8879733':
  Add assertTrue test at the end of test_het_mosaic_mfs_alma_listofms_CAS14350fix
Takahiro Tsutsumi Takahiro Tsutsumi bc7512a0f92339aa2ee25a7909238b92e8879733 bc7512a0f92339aa2ee25a7909238b92e8879733 Add assertTrue test at the end of test_het_mosaic_mfs_alma_listofms_CAS14350fix
Ville Suoranta Ville Suoranta 28ed41636d537c89a4c6532cccd25a645a53b89a 28ed41636d537c89a4c6532cccd25a645a53b89a Pull request #879: Update tests/tasks/test_task_simobserve.py (CAS-14429)
Merge in CASA/casa6 from CAS-14429 to master

* commit '0f91b3e9b4011f3b383a3f5920b31c1c54b658d4':
  Update tests/tasks/test_task_simobserve.py (CAS-14429)

995 more changes...

Tests

New test failures 8
Status Test View job Duration
Collapse Failed pip v_22_3_1 History
Check For Known Vulnerabilities ManyLinux2014 Python 3.10 < 1 sec 
When installing a package from a Mercurial VCS URL  (ie pip install  hg+...) with pip prior to v23.3 the specified Mercurial revision could  be used to inject arbitrary configuration options to the hg clone  call (ie --config). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who arent installing from Mercurial. 
When installing a package from a Mercurial VCS URL  (ie pip install  hg+...) with pip prior to v23.3 the specified Mercurial revision could  be used to inject arbitrary configuration options to the hg clone  call (ie --config). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who arent installing from Mercurial.
Collapse Failed pip v_22_3_1 History
Check For Known Vulnerabilities ManyLinux228 Python 3.10 < 1 sec 
When installing a package from a Mercurial VCS URL  (ie pip install  hg+...) with pip prior to v23.3 the specified Mercurial revision could  be used to inject arbitrary configuration options to the hg clone  call (ie --config). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who arent installing from Mercurial. 
When installing a package from a Mercurial VCS URL  (ie pip install  hg+...) with pip prior to v23.3 the specified Mercurial revision could  be used to inject arbitrary configuration options to the hg clone  call (ie --config). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who arent installing from Mercurial.
Collapse Failed protobuf v_3_20_1 History
Check For Known Vulnerabilities ManyLinux2014 Python 3.10 < 1 sec 
 Summary  A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message which could lead to a denial of service (DoS) on services using the libraries.  Reporter: ClusterFuzz(https://google.github.io/clusterfuzz/)  Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below.  
 Summary  A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message which could lead to a denial of service (DoS) on services using the libraries.  Reporter: ClusterFuzz(https://google.github.io/clusterfuzz/)  Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below.
Collapse Failed protobuf v_3_20_1 History
Check For Known Vulnerabilities ManyLinux228 Python 3.10 < 1 sec 
 Summary  A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message which could lead to a denial of service (DoS) on services using the libraries.  Reporter: ClusterFuzz(https://google.github.io/clusterfuzz/)  Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below.  
 Summary  A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message which could lead to a denial of service (DoS) on services using the libraries.  Reporter: ClusterFuzz(https://google.github.io/clusterfuzz/)  Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below.
Collapse Failed setuptools v_65_5_0 History
Check For Known Vulnerabilities ManyLinux2014 Python 3.10 < 1 sec 
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in packageindex.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in packageindex.py.
Collapse Failed setuptools v_65_5_0 History
Check For Known Vulnerabilities ManyLinux228 Python 3.10 < 1 sec 
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in packageindex.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in packageindex.py.
Collapse Failed urllib3 v_1_26_6 History
Check For Known Vulnerabilities ManyLinux2014 Python 3.10 < 1 sec 
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesnt treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP that is the responsibility of the user. However it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesnt disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesnt treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP that is the responsibility of the user. However it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesnt disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
Collapse Failed urllib3 v_1_26_6 History
Check For Known Vulnerabilities ManyLinux228 Python 3.10 < 1 sec 
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesnt treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP that is the responsibility of the user. However it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesnt disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesnt treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP that is the responsibility of the user. However it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesnt disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
Existing test failures 4
Status Test Failing since View job Duration 
When installing a package from a Mercurial VCS URL  (ie pip install  hg+...) with pip prior to v23.3 the specified Mercurial revision could  be used to inject arbitrary configuration options to the hg clone  call (ie --config). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who arent installing from Mercurial. 
When installing a package from a Mercurial VCS URL  (ie pip install  hg+...) with pip prior to v23.3 the specified Mercurial revision could  be used to inject arbitrary configuration options to the hg clone  call (ie --config). Controlling the Mercurial configuration can modify  how and which repository is installed. This vulnerability does not  affect users who arent installing from Mercurial. 
 Summary  A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message which could lead to a denial of service (DoS) on services using the libraries.  Reporter: ClusterFuzz(https://google.github.io/clusterfuzz/)  Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below.  
 Summary  A message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory (OOM) failure when processing a specially crafted message which could lead to a denial of service (DoS) on services using the libraries.  Reporter: ClusterFuzz(https://google.github.io/clusterfuzz/)  Affected versions: All versions of C++ Protobufs (including Python) prior to the versions listed below.  
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in packageindex.py.
Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in packageindex.py.
 
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesnt treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP that is the responsibility of the user. However it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesnt disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.
urllib3 is a user-friendly HTTP client library for Python. urllib3 doesnt treat the Cookie HTTP header special or provide any helpers for managing cookies over HTTP that is the responsibility of the user. However it is possible for a user to specify a Cookie header and unknowingly leak information via HTTP redirects to a different origin if that user doesnt disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5.

Jira issues

IssueDescriptionStatus
35 more issues…
Unknown Issue TypeCAS-9957Could not obtain issue details from Jira
Unknown Issue TypeCAS-13863Could not obtain issue details from Jira
Unknown Issue TypeCAS-14007Could not obtain issue details from Jira
Unknown Issue TypeCAS-14093Could not obtain issue details from Jira
Unknown Issue TypeCAS-14218Could not obtain issue details from Jira