pam-u2f 1.3.1 includes a fix to resolve CVE-2025-23013 (Partial Authentication Bypass). CVSS score 7.3. 1.3.2 is a fix for a regression that could impact existing use cases.

Source: Fedora 40: pam-u2f 2025-b58b563b77 Security Advisory Updates