Patch from vendor. From the ChangeLog:

  2001-11-27  Flavio Veloso  <flaviovs@magnux.com>
        * gnuserv.c: Fix a potential buffer overflow in permitted() that
        may allow the client to execute code on the server.

2 files changed, 16 insertions, 0 deletions

diff --git a/devel/libgtop2/Makefile b/devel/libgtop2/Makefile
index 94af3fd..aafc98f 100644
--- a/devel/libgtop2/Makefile
+++ b/devel/libgtop2/Makefile
@@ -7,6 +7,7 @@
 
 PORTNAME=	libgtop
 PORTVERSION=	1.0.12
+PORTREVISION=	1
 CATEGORIES=	devel gnome
 MASTER_SITES=	${MASTER_SITE_GNOME}
 MASTER_SITE_SUBDIR=	stable/sources/libgtop
diff --git a/devel/libgtop2/files/patch-src::daemon::gnuserv.c b/devel/libgtop2/files/patch-src::daemon::gnuserv.c
new file mode 100644
index 0000000..8b0712a
--- /dev/null
+++ b/devel/libgtop2/files/patch-src::daemon::gnuserv.c
@@ -0,0 +1,15 @@
+--- src/daemon/gnuserv.c.orig	Thu Nov 29 08:58:40 2001
++++ src/daemon/gnuserv.c	Thu Nov 29 08:58:17 2001
+@@ -200,6 +200,12 @@
+ 
+ 	auth_data_len = atoi (buf);
+ 
++	if (auth_data_len < 1 || auth_data_len > sizeof(buf)) {
++	    syslog_message(LOG_WARNING,
++			   "Invalid data length supplied by client");
++	    return FALSE;
++	}
++
+ 	if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len)
+ 	    return FALSE;
+