This update for librsvg fixes the following issue:
* CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date
parser can lead to stack exhaustion (bsc#1257922).
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2026-1750=1
* Basesystem Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-1750=1
* Desktop Applications Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP7-2026-1750=1
* SUSE Linux Enterprise Server 15 SP6 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-1750=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP6-2026-1750=1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* rsvg-convert-debuginfo-2.57.4-150600.3.8.2
* rsvg-convert-2.57.4-150600.3.8.2
* librsvg-debugsource-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2
* librsvg-2-2-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2
* librsvg-devel-2.57.4-150600.3.8.2
* typelib-1_0-Rsvg-2_0-2.57.4-150600.3.8.2
* librsvg-2-2-2.57.4-150600.3.8.2
* openSUSE Leap 15.6 (noarch)
* rsvg-thumbnailer-2.57.4-150600.3.8.2
* openSUSE Leap 15.6 (aarch64_ilp32)
* librsvg-2-2-64bit-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-64bit-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-64bit-2.57.4-150600.3.8.2
* librsvg-2-2-64bit-2.57.4-150600.3.8.2
* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* librsvg-debugsource-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-2.57.4-150600.3.8.2
* librsvg-2-2-debuginfo-2.57.4-150600.3.8.2
* gdk-pixbuf-loader-rsvg-debuginfo-2.57.4-150600.3.8.2
* librsvg-2-2-2.57.4-150600.3.8.2
*...
Read the Full Advisory* bsc#1257922
## References:
* https://www.suse.com/security/cve/CVE-2026-25727.html
* https://bugzilla.suse.com/show_bug.cgi?id=1257922
Get the latest Linux and open source security news straight to your inbox.