This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1432.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Autodesk AutoCAD. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2025-1431.
Diego Cebrián discovered that djoser did not properly handle user
authentication. An attacker with valid credentials could possibly
use this to bypass authentication checks, such as two-factor
authentication, to gain unintended access.
rust-zincati-0.0.30-1.fc40
New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30
rust-zincati-0.0.30-1.fc41
New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30
Backport polkit rules patch for CVE-2025-27512
https://github.com/coreos/zincati/security/advisories/GHSA-w6fv-6gcc-x825
https://www.cve.org/CVERecord?id=CVE-2025-27512
https://github.com/coreos/zincati/commit/920ac90204830e43fd597f3dcbacf0d772b50a81
rust-zincati-0.0.30-1.fc42
New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30
bluez-5.80-1.fc42
iwd-3.4-1.fc42
libell-0.74-1.fc42
bluez 5.80:
Fix issue with handling address type for all types of keys.
Fix issue with handling maximum number of GATT channels.
Fix issue with handling MTU auto-tuning feature.
Fix issue with handling AVRCP volume in reconfigured transports.
Fix issue with handling VCP volume setting requests.
Fix issue with handling VCP connection management.
Fix issue with handling MAP qualification.
Fix issue with handling PBAP qualification.
Fix issue with handling BNEP qualification.
Add support for PreferredBearer device property.
Add support for SupportedTypes Message Access property.
Add support for HFP, A2DP, AVRCP, AVCTP and MAP latest versions.
iwd 3.4:
Add support for the Test Anything Protocol.
libell 0.74:
Add support for NIST P-192 curve usage with ECDH.
Add support for SHA-224 based checksums and HMACs.
libell 0.73:
Fix issue with parsing hwdb.bin child structures.
libell 0.72:
Add support for the Test Anything Protocol.
dotnet9.0-9.0.104-1.fc40
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md
dotnet9.0-9.0.104-1.fc41
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md
dotnet9.0-9.0.104-1.fc42
This is the monthly update for .NET 9 for March 2025.
Release Notes:
SDK: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.104.md
Runtime: https://github.com/dotnet/core/blob/main/release-notes/9.0/9.0.3/9.0.3.md
