diff --git a/_service b/_service
index 5fefdf1..62dd460 100644
--- a/_service
+++ b/_service
@@ -4,7 +4,7 @@
     <param name="scm">git</param>
     <param name="submodules">disable</param>
     <param name="exclude">.git</param>
-    <param name="revision">v15.4.2</param>
+    <param name="revision">v15.4.3</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="changesgenerate">disable</param>
     <param name="versionrewrite-pattern">v(.*)</param>
@@ -32,4 +32,8 @@
   </service>
   <service name="go_modules" mode="manual">
   </service>
+  <service name="cargo_vendor" mode="manual">
+    <param name="update">true</param>
+    <param name="srcdir">teleport/tool/fdpass-teleport</param>
+  </service>
 </services>
diff --git a/teleport-15.4.2.obscpio b/teleport-15.4.2.obscpio
deleted file mode 100644
index 14d98c0..0000000
--- a/teleport-15.4.2.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:58cb16b508a6bc992b4b3aadacdd3f8a254f9520415e2839fd281e5943ea8fe7
-size 253931022
diff --git a/teleport-15.4.3.obscpio b/teleport-15.4.3.obscpio
new file mode 100644
index 0000000..78f394b
--- /dev/null
+++ b/teleport-15.4.3.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:eef752c67fe727ffd13456008b0529df3fbc1242909e17e78fdf409fdf6c996c
+size 254003214
diff --git a/teleport.changes b/teleport.changes
index 8eec8fc..bd181a6 100644
--- a/teleport.changes
+++ b/teleport.changes
@@ -1,3 +1,37 @@
+-------------------------------------------------------------------
+Thu Jun 13 05:17:15 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
+
+- new subpackage teleport-fdpass-teleport, see below
+- update to 15.4.3:
+  Note: This release includes a new binary, fdpass-teleport, that
+  can be optionally used by Machine ID to significantly reduce
+  resource consumption in use-cases that create large numbers of
+  SSH connections (e.g. Ansible). Refer to the documentation for
+  more details.
+  * Update azidentity to v1.6.0 (patches CVE-2024-35255). #42859
+  * Remote rate limits on endpoints used extensively to connect to
+    the cluster. #42835
+  * Machine ID SSH multiplexer now only writes artifacts if they
+    have not changed, resolving a potential race condition with the
+    OpenSSH client. #42830
+  * Use more efficient API when querying SSH nodes to resolve Proxy
+    Templates in tbot. #42829
+  * Improve the performance of the Athena audit log and S3 session
+    storage backends. #42795
+  * Prevent a panic in the Proxy when accessing an offline
+    application. #42786
+  * Improve backoff of session recording uploads by teleport
+    agents. #42776
+  * Introduce the new Machine ID ssh-multiplexer service for
+    significant improvements in SSH performance. #42761
+  * Reduce backend writes incurred by tracking status of
+    non-recorded sessions. #42694
+  * Fix not being able to logout from the web UI when session
+    invalidation errors. #42648
+  * Fix access list listing not updating when creating or deleting
+    an access list in the web UI. #4383
+  * Fix crashes related to importing GCP labels. #42871
+
 -------------------------------------------------------------------
 Tue Jun 11 12:12:48 UTC 2024 - Johannes Kastl <opensuse_buildservice@ojkastl.de>
 
diff --git a/teleport.obsinfo b/teleport.obsinfo
index c576957..a4ef1a5 100644
--- a/teleport.obsinfo
+++ b/teleport.obsinfo
@@ -1,4 +1,4 @@
 name: teleport
-version: 15.4.2
-mtime: 1718094157
-commit: cd2ff3e478af17cfb26338cdec11b37ffca10774
+version: 15.4.3
+mtime: 1718228621
+commit: 46e1a24d66dfe03e09b3fe068821d8f4804f47b3
diff --git a/teleport.spec b/teleport.spec
index 1bcb7c9..6dc44fd 100644
--- a/teleport.spec
+++ b/teleport.spec
@@ -19,17 +19,22 @@
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 
 Name:           teleport
-Version:        15.4.2
+Version:        15.4.3
 Release:        0
 Summary:        Identity-aware, multi-protocol access proxy
 License:        Apache-2.0
 URL:            https://github.com/gravitational/teleport
 Source:         %{name}-%{version}.tar.gz
+# go vendoring
 Source1:        vendor.tar.gz
 Source2:        webassets.tar.gz
 Source3:        teleport.service
 Source4:        teleport.yaml
 Source5:        tbot.yaml
+# Rust vendoring
+Source6:        vendor.tar.zst
+BuildRequires:  cargo >= 1.69
+BuildRequires:  cargo-packaging
 BuildRequires:  git-core
 BuildRequires:  go >= 1.20
 BuildRequires:  pam-devel
@@ -69,10 +74,18 @@ License:        Apache-2.0
 Machine ID is a service that programmatically issues and renews short-lived certificates to any service account (e.g., a CI/CD server) by retrieving credentials from the Teleport Auth Service. This enables fine-grained role-based access controls and audit.
 tbot is the executable belonging to the Machine ID service.
 
+%package -n teleport-fdpass-teleport
+Summary:        Significantly reduce resource consumption by large numbers of SSH connections
+License:        Apache-2.0
+
+%description -n teleport-fdpass-teleport
+fdpass-teleport can be optionally used by Machine ID to significantly reduce resource consumption in use-cases that create large numbers of SSH connections (e.g. Ansible).
+
 %prep
 %setup -q
 %setup -q -T -D -a 1
 %setup -q -T -D -a 2
+tar xvf %{SOURCE6} -C tool/fdpass-teleport
 
 %build
 
@@ -97,7 +110,6 @@ go build \
    -buildmode=pie \
    -ldflags="-w -s -X main.VERSION=%{version}" \
    -o tbot ./tool/tbot
-
 go build \
    -tags "pam" \
    -mod=vendor \
@@ -105,11 +117,15 @@ go build \
    -ldflags="-w -s -X main.VERSION=%{version}" \
    -o tctl ./tool/tctl
 
+cd tool/fdpass-teleport
+%{cargo_build}
+
 %install
 # Install the binary.
 install -D -m 0755 tsh "%{buildroot}/%{_bindir}/tsh"
 install -D -m 0755 tctl "%{buildroot}/%{_bindir}/tctl"
 install -D -m 0755 tbot "%{buildroot}/%{_bindir}/tbot"
+install -D -m 0755 tool/fdpass-teleport/target/release/fdpass-teleport "%{buildroot}/%{_bindir}/fdpass-teleport"
 install -D -m 0755 teleport "%{buildroot}/%{_sbindir}/teleport"
 install -D -m 644 %{SOURCE3} %{buildroot}%{_unitdir}/teleport.service
 install -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/teleport.yaml
@@ -168,4 +184,9 @@ install -D -m 644 %{SOURCE5} %{buildroot}%{_sysconfdir}/tbot.yaml
 %{_unitdir}/machine-id.service
 %config(noreplace) %{_sysconfdir}/tbot.yaml
 
+%files -n teleport-fdpass-teleport
+%doc README.md
+%license LICENSE
+%{_bindir}/fdpass-teleport
+
 %changelog
diff --git a/vendor.tar.gz b/vendor.tar.gz
index af4f1e9..d46bfe1 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:4b6d2f342caea8f1c041797e0c1eb525ae39298163a96c43cc0c59e58d930503
-size 51439754
+oid sha256:640eea8261267a62c93e84b8ca6b0077fd84634a2d48d51cef42e750b2a4300a
+size 51521081
diff --git a/vendor.tar.zst b/vendor.tar.zst
new file mode 100644
index 0000000..9d17d3f
--- /dev/null
+++ b/vendor.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:7cbc9d4ccdec929c44c17a019eebaa53d8bee173ff91c9c029e7a4db42374454
+size 715019