openSUSE has issued an advisory today (January 23): https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UJMENNGUMOIJQDKIMSMKR4ZGHVXN6F4U/ The issue is fixed upstream in 0.4.6.
Status comment: (none) => Fixed upstream in 0.4.6
Assigning to out Python stack maintainers, CC'ing the registered maintainer.
CC: (none) => makowski.mageia, marja11Assignee: bugsquad => python
Built: python3-mechanize-0.4.6-1.mga8.noarch Source: python-mechanize-0.4.6-1.mga8.src.rpm This package is used by calibre.
Version: 8 => CauldronStatus comment: Fixed upstream in 0.4.6 => (none)CC: (none) => yves.brungard_mageia
Assignee: python => qa-bugs
Version: Cauldron => 8
MGA8-64 MATE on Acer Aspire 5253 No installation issues. This is a library for "statefull programmatic web browsing", clearly developers area. As is does not disturb anythinf, giving the OK on clean install.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
From comment 2: "This package is used by calibre." Not knowing *how* it's used, I ran calibre before updating and looked for ways in which it interacts with the Web, thinking that would be where it might be used. I thought the most likely place was in searching for ebooks, so I tried a search for "The Hobbit," which it found in several places, including some that were for free. I tried to download an epub copy, but it failed. Details of why weren't something I understand. I also tried converting an existing book from epub to htmlz, though I have no idea if it would use this package, which seemed to work as designed. There were no issues with installing the update. I performed the above tests again, with the same results, so I guess there are no new regressions. Validating the OK.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0036.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED