This update for himmelblau fixes the following issue
- CVE-2026-45108: authentication bypass vulnerability in the Device Authorization Grant (DAG) flow (bsc#1266662).
Changes for himmelblau:
- Update to version 2.3.11+git1.116c6763:
* Update cargo vet audits for backport
* deps(rust): bump the all-cargo-updates group with 19 updates
- Update to version 2.3.10:
* nss/pam: bail out early when SYSTEMD_ACTIVATION_UNIT points to himmelblau
* selinux: allow unconfined_service_t to search himmelblaud_t dirs
Patch instructions:
To install this openSUSE security update use the suse recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Leap 16.0
zypper in -t patch openSUSE-Leap-16.0-976=1
- openSUSE Leap 16.0:
himmelblau-2.3.11+git1.116c6763-160000.1.1
himmelblau-qr-greeter-2.3.11+git1.116c6763-160000.1.1
himmelblau-sshd-config-2.3.11+git1.116c6763-160000.1.1
himmelblau-sso-2.3.11+git1.116c6763-160000.1.1
libnss_himmelblau2-2.3.11+git1.116c6763-160000.1.1
pam-himmelblau-2.3.11+git1.116c6763-160000.1.1
* bsc#1266662
References:
* https://www.suse.com/security/cve/CVE-2026-45108.html
Get the latest Linux and open source security news straight to your inbox.