Fedora has issued an advisory today (January 5):
The issue is fixed upstream in 1.10.0.
Mageia 7 is also affected.
Fixed upstream in 1.10.0Whiteboard:
fixed in cauldron and new rpm pushed in mga7
Updated python-py packages fix security vulnerability:
A denial of service via regular expression in the py.path.svnwc component of
python-py through 1.9.0 could be used by attackers to cause a compute-time
denial of service attack by supplying malicious input to the blame
Updated packages in core/updates_testing:
Fixed upstream in 1.10.0 =>
*** Bug 28139 has been marked as a duplicate of this bug. ***