{"id":"SUSE-SU-2026:1599-1","summary":"Security update for librsvg","details":"This update for librsvg fixes the following issue:\n\n- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion (bsc#1257922).\n","modified":"2026-04-25T07:45:34.531907Z","published":"2026-04-24T11:45:47Z","related":["CVE-2026-25727"],"upstream":["CVE-2026-25727"],"references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2026/suse-su-20261599-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1257922"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2026-25727"}],"affected":[{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Micro 5.3","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Micro%205.3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Micro 5.4","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Micro%205.4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Micro 5.5","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Micro%205.5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Server 15 SP4-LTSS","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Server 15 SP5-LTSS","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP4","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}},{"package":{"name":"librsvg","ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP5","purl":"pkg:rpm/suse/librsvg&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.52.12-150400.3.12.1"}]}],"ecosystem_specific":{"binaries":[{"gdk-pixbuf-loader-rsvg":"2.52.12-150400.3.12.1","typelib-1_0-Rsvg-2_0":"2.52.12-150400.3.12.1","librsvg-2-2":"2.52.12-150400.3.12.1","librsvg-devel":"2.52.12-150400.3.12.1"}]},"database_specific":{"source":"https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:1599-1.json"}}],"schema_version":"1.7.5"}