Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

openSUSE 16.0 agama Important Stack Exhaustion Issue CVE-2026-25727

opensuse
Calendar Grey May 19, 2026
Dist Opensuse Esm H88
Update for openSUSE fixes critical stack exhaustion issue in agama with CVE-2026-25727 providing important patches.
An update that solves one vulnerability and has one bug fix can now be installed.

Description

This update for agama fixes the following issue

- CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion

(bsc#1257930).

Changes for agama:

- Update "time" crate to version 0.3.47.

Patch instructions:

To install this openSUSE security update use the suse recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 16.0

zypper in -t patch openSUSE-Leap-16.0-748=1

Patch

Package List

- openSUSE Leap 16.0:

agama-17+570.fe7244a50-160000.10.1

agama-autoinstall-17+570.fe7244a50-160000.10.1

agama-cli-17+570.fe7244a50-160000.10.1

agama-cli-bash-completion-17+570.fe7244a50-160000.10.2

agama-cli-fish-completion-17+570.fe7244a50-160000.10.2

agama-cli-zsh-completion-17+570.fe7244a50-160000.10.2

agama-openapi-17+570.fe7244a50-160000.10.1

agama-scripts-17+570.fe7244a50-160000.10.1

References

* bsc#1257930

References:

* https://www.suse.com/security/cve/CVE-2026-25727.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2026:20753-1
Rating: important
Affected Products: openSUSE Leap 16.0 -------------------------------------------------------------

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here