diff --git a/.freeglut.metadata b/.freeglut.metadata
new file mode 100644
index 0000000..9907739
--- /dev/null
+++ b/.freeglut.metadata
@@ -0,0 +1,2 @@
+9df57d26b2cd0448fd83141009729317ff2ea4e7 openglut-0.6.3-doc.tar.gz
+7a62e0d2caad92ff745bc5037592b2753f0b2f20 freeglut-3.2.1.tar.gz
diff --git a/0001-Plug-memory-leak-that-happens-upon-error.patch b/0001-Plug-memory-leak-that-happens-upon-error.patch
new file mode 100644
index 0000000..f6e9208
--- /dev/null
+++ b/0001-Plug-memory-leak-that-happens-upon-error.patch
@@ -0,0 +1,52 @@
+From 9ad320c1ad1a25558998ddfe47674511567fec57 Mon Sep 17 00:00:00 2001
+From: Sebastian Rasmussen
+Date: Mon, 12 Feb 2024 14:46:22 +0800
+Subject: [PATCH] Plug memory leak that happens upon error.
+
+If fgStructure.CurrentMenu is set when glutAddMenuEntry() or
+glutAddSubMenu() is called the allocated menuEntry variable will
+leak. This commit postpones allocating menuEntry until after the
+error checks, thereby plugging the memory leak.
+
+This fixes CVE-2024-24258 and CVE-2024-24259.
+---
+ src/fg_menu.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/fg_menu.c b/src/fg_menu.c
+index 53112dc2..0da88901 100644
+--- a/src/fg_menu.c
++++ b/src/fg_menu.c
+@@ -864,12 +864,12 @@ void FGAPIENTRY glutAddMenuEntry( const char* label, int value )
+ {
+ SFG_MenuEntry* menuEntry;
+ FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddMenuEntry" );
+- menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
+
+ freeglut_return_if_fail( fgStructure.CurrentMenu );
+ if (fgState.ActiveMenus)
+ fgError("Menu manipulation not allowed while menus in use.");
+
++ menuEntry = (SFG_MenuEntry *)calloc( sizeof(SFG_MenuEntry), 1 );
+ menuEntry->Text = strdup( label );
+ menuEntry->ID = value;
+
+@@ -888,7 +888,6 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
+ SFG_Menu *subMenu;
+
+ FREEGLUT_EXIT_IF_NOT_INITIALISED ( "glutAddSubMenu" );
+- menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
+ subMenu = fgMenuByID( subMenuID );
+
+ freeglut_return_if_fail( fgStructure.CurrentMenu );
+@@ -897,6 +896,7 @@ void FGAPIENTRY glutAddSubMenu( const char *label, int subMenuID )
+
+ freeglut_return_if_fail( subMenu );
+
++ menuEntry = ( SFG_MenuEntry * )calloc( sizeof( SFG_MenuEntry ), 1 );
+ menuEntry->Text = strdup( label );
+ menuEntry->SubMenu = subMenu;
+ menuEntry->ID = -1;
+--
+2.43.0
+
diff --git a/freeglut.spec b/freeglut.spec
index ec51398..cbf8a87 100644
--- a/freeglut.spec
+++ b/freeglut.spec
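Review bot: In the fg_menu.c patch added as 0001-Plug-memory-leak-that-happens-upon-error.patch, the relocated `calloc()` result is dereferenced on the very next line (`menuEntry->Text = strdup( label );`) in both glutAddMenuEntry and glutAddSubMenu with no NULL check, so an allocation failure becomes a NULL-pointer write instead of a clean return. The patch closes the early-return leak but leaves that path open; a follow-up could add `freeglut_return_if_fail( menuEntry );` after each `calloc()` and `if( !menuEntry->Text ) { free( menuEntry ); return; }` after each `strdup()`. Both function bodies continue outside the quoted hunks, so whether later code tolerates a NULL `Text` cannot be confirmed from here. Because this file appears to carry an upstream commit as-is, that hardening would belong in a separate patch rather than in an edit to this one.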
@@ -2,12 +2,13 @@ Summary: A freely licensed alternative to the GLUT library Name: freeglut Version: 3.2.1 -Release: 9%{?dist} +Release: 10%{?dist} URL: http://freeglut.sourceforge.net Source0: https://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz # For the manpages Source1: https://downloads.sourceforge.net/openglut/openglut-0.6.3-doc.tar.gz Patch0: common.patch +Patch1: 0001-Plug-memory-leak-that-happens-upon-error.patch License: MIT BuildRequires: gcc @@ -52,7 +53,8 @@ license. %prep %setup -q -a 1 -%patch0 -p0 +%patch -P 0 -p0 +%patch -P 1 -p1 %build %{cmake} -DFREEGLUT_BUILD_STATIC_LIBS=OFF . @@ -82,6 +84,11 @@ install -p -m 644 doc/man/*.3 $RPM_BUILD_ROOT/%{_mandir}/man3 %{_libdir}/cmake/FreeGLUT/* %changelog +* Thu Feb 15 2024 José Expósito - 3.2.1-10 +- Fix CVE-2024-24258 and CVE-2024-24259 + Resolves: https://issues.redhat.com/browse/RHEL-25176 + Resolves: https://issues.redhat.com/browse/RHEL-25178 + * Mon Aug 09 2021 Mohan Boddu - 3.2.1-9 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688