Source: freeglut Version: 3.4.0-1 Severity: important Tags: security upstream Forwarded: https://github.com/freeglut/freeglut/pull/155 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org>
Hi, The following vulnerabilities were published for freeglut. Those were previously associated with mupdf, but found that the issues are in freeglut instread. CVE-2024-24258[0]: | freeglut 3.4.0 was discovered to contain a memory leak via the | menuEntry variable in the glutAddSubMenu function. CVE-2024-24259[1]: | freeglut through 3.4.0 was discovered to contain a memory leak via | the menuEntry variable in the glutAddMenuEntry function. If you fix the vulnerabilities please also make sure to include the CVE (Common Vulnerabilities & Exposures) ids in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-24258 https://www.cve.org/CVERecord?id=CVE-2024-24258 [1] https://security-tracker.debian.org/tracker/CVE-2024-24259 https://www.cve.org/CVERecord?id=CVE-2024-24259 [2] https://github.com/freeglut/freeglut/pull/155 [3] https://github.com/freeglut/freeglut/commit/9ad320c1ad1a25558998ddfe47674511567fec57 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
