diff --git a/CVE-2024-24258-and-CVE-2024-24259.patch b/CVE-2024-24258-and-CVE-2024-24259.patch deleted file mode 100644 index 4273461bac7a4f357cf606bedca9022602f4e5d4..0000000000000000000000000000000000000000 --- a/CVE-2024-24258-and-CVE-2024-24259.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 9ad320c1ad1a25558998ddfe47674511567fec57 Mon Sep 17 00:00:00 2001 -From: Sebastian Rasmussen -Date: Mon, 12 Feb 2024 14:46:22 +0800 -Subject: [PATCH] Plug memory leak that happens upon error. - -Origin: https://github.com/freeglut/freeglut/commit/9ad320c1ad1a25558998ddfe47674511567fec57 - -If fgStructure.CurrentMenu is set when glutAddMenuEntry() or -glutAddSubMenu() is called the allocated menuEntry variable will -leak. This commit postpones allocating menuEntry until after the -error checks, thereby plugging the memory leak. - -This fixes CVE-2024-24258 and CVE-2024-24259. ---- - src/fg_menu.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/fg_menu.c b/src/fg_menu.c -index 53112dc21..0da88901d 100644 ---- a/src/fg_menu.c -+++ b/src/fg_menu.c -@@ -864,12 +864,12 @@ void FGAPIENTRY glutAddMenuEntry( const char* label, int value ) - { - SFG_MenuEntry* menuEntry; - FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddMenuEntry" ); -- menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 ); - - freeglut_return_if_fail( fgStructure.CurrentMenu ); - if (fgState.ActiveMenus) - fgError("Menu manipulation not allowed while menus in use."); - -+ menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 ); - menuEntry->Text = strdup( label ); - menuEntry->ID = value; - -@@ -888,7 +888,6 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID ) - SFG_Menu *subMenu; - - FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddSubMenu" ); -- menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 ); - subMenu = fgMenuByID( subMenuID ); - - freeglut_return_if_fail( fgStructure.CurrentMenu ); -@@ -897,6 +896,7 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID ) - - freeglut_return_if_fail( subMenu ); - -+ menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 ); - menuEntry->Text = strdup( label ); - menuEntry->SubMenu = subMenu; - menuEntry->ID = -1; diff --git a/freeglut-3.4.0.tar.gz b/freeglut-3.4.0.tar.gz deleted file mode 100644 index 3721c128668f83fe8ecc1a20529bcfd74418cafd..0000000000000000000000000000000000000000 Binary files a/freeglut-3.4.0.tar.gz and /dev/null differ diff --git a/freeglut-3.6.0.tar.gz b/freeglut-3.6.0.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ed155c1c6c5d0ad74bd279be2e0850c0ff76ffce Binary files /dev/null and b/freeglut-3.6.0.tar.gz differ diff --git a/freeglut.spec b/freeglut.spec index 53558b844df668642bc94d6c9e7e45c000409830..0220e43196f8cb1df9c5d544e10a5d3db681b75f 100644 --- a/freeglut.spec +++ b/freeglut.spec @@ -1,12 +1,11 @@ Name: freeglut -Version: 3.4.0 -Release: 3 +Version: 3.6.0 +Release: 1 Summary: A freely licensed alternative to the GLUT library License: MIT URL: https://freeglut.sourceforge.net Source0: https://github.com/freeglut/freeglut/releases/download/v%{version}/%{name}-%{version}.tar.gz Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz -Patch0: CVE-2024-24258-and-CVE-2024-24259.patch BuildRequires: gcc BuildRequires: cmake >= 3.11 @@ -63,6 +62,9 @@ install -p -m 644 doc/man/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3 %doc README.md doc/html/*.png doc/html/*.html %changelog +* Mon Dec 23 2024 Funda Wang - 3.6.0-1 +- update to 3.6.0 + * Fri Dec 20 2024 Funda Wang - 3.4.0-3 - adopt to new cmake macro