Fedora has issued an advisory today (March 13): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PYNYFUUI2JO56U35RT7DTZDQDCNCDAMH/ The issue is fixed upstream in 0.28.1: https://github.com/geopython/OWSLib/security/advisories/GHSA-8h9c-r582-mggc Mageia 8 is also affected.
Status comment: (none) => Fixed upstream in 0.28.1Whiteboard: (none) => MGA8TOO
Think this is OK to assign to daviddavid, registered packager for python-owslib.
Assignee: bugsquad => geiger.david68210
Done for both mga8 and Cauldron! Freeze_move requested for Cauldron!
Mageia 8 update: python3-owslib-0.28.1-1.mga8 from python-owslib-0.28.1-1.mga8.src.rpm Cauldron pending freeze move.
Assigning to QA
Assignee: geiger.david68210 => qa-bugs
Status comment: Fixed upstream in 0.28.1 => (none)Whiteboard: MGA8TOO => (none)CC: (none) => geiger.david68210Version: Cauldron => 8
Mageia8, x86_64 Installed the release version of the package and qgis which is the only major package which depends on it. qgis appears to be a framework for the development of specialised web based maps and services involving geolocation and other resources. The qgis interface launched OK. Updated the package and checked qgis again. It launches and shows a news panel and a template panel from which new projects can be developed. There is little more that can be done with this without a wider knowledge of the subject but it looks useable. Giving this the go-ahead.
Whiteboard: (none) => MGA8-64-OKCC: (none) => tarazed25
Validating.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0112.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED