openSUSE Security Update: Security update for python-mechanize ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0030-1 Rating: moderate References: #1202003 #1207242 Cross-References: CVE-2021-32837 Affected Products: openSUSE Backports SLE-15-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for python-mechanize fixes the following issues: Update to version 0.4.8: - CVE-2021-32837: Fixed a denial of service via regular expression (boo#1207242). - Fixed mechanize not found during build (boo#1202003). Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2023-30=1 Package List: - openSUSE Backports SLE-15-SP4 (noarch): python3-mechanize-0.4.8-bp154.2.3.1 References: https://www.suse.com/security/cve/CVE-2021-32837.html https://bugzilla.suse.com/1202003 https://bugzilla.suse.com/1207242