{"affected":[{"ecosystem_specific":{"binaries":[{"himmelblau":"0.7.17+git.0.1ebdab0-150700.3.3.2","himmelblau-sshd-config":"0.7.17+git.0.1ebdab0-150700.3.3.2","libnss_himmelblau2":"0.7.17+git.0.1ebdab0-150700.3.3.2","pam-himmelblau":"0.7.17+git.0.1ebdab0-150700.3.3.2"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Basesystem 15 SP7","name":"himmelblau","purl":"pkg:rpm/suse/himmelblau&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP7"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.17+git.0.1ebdab0-150700.3.3.2"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for himmelblau fixes the following issues:\n\n- CVE-2025-5791: Fixed using deprecated `users` crate (bsc#1244202)\n- CVE-2025-3416: Fixed use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242648) \n     \nUpdate to version 0.7.17+git.0.1ebdab0\n* Update sccache-action version to use new cache service\n","id":"SUSE-SU-2025:02166-1","modified":"2025-06-30T07:14:21Z","published":"2025-06-30T07:14:21Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202502166-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242648"},{"type":"REPORT","url":"https://bugzilla.suse.com/1244202"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-3416"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5791"}],"related":["CVE-2025-3416","CVE-2025-5791"],"summary":"Security update for himmelblau","upstream":["CVE-2025-3416","CVE-2025-5791"]}