head	1.2;
access;
symbols
	pkgsrc-2013Q2:1.2.0.54
	pkgsrc-2013Q2-base:1.2
	pkgsrc-2012Q4:1.2.0.52
	pkgsrc-2012Q4-base:1.2
	pkgsrc-2011Q4:1.2.0.50
	pkgsrc-2011Q4-base:1.2
	pkgsrc-2011Q2:1.2.0.48
	pkgsrc-2011Q2-base:1.2
	pkgsrc-2009Q4:1.2.0.46
	pkgsrc-2009Q4-base:1.2
	pkgsrc-2008Q4:1.2.0.44
	pkgsrc-2008Q4-base:1.2
	pkgsrc-2008Q3:1.2.0.42
	pkgsrc-2008Q3-base:1.2
	cube-native-xorg:1.2.0.40
	cube-native-xorg-base:1.2
	pkgsrc-2008Q2:1.2.0.38
	pkgsrc-2008Q2-base:1.2
	pkgsrc-2008Q1:1.2.0.36
	pkgsrc-2008Q1-base:1.2
	pkgsrc-2007Q4:1.2.0.34
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.2.0.32
	pkgsrc-2007Q3-base:1.2
	pkgsrc-2007Q2:1.2.0.30
	pkgsrc-2007Q2-base:1.2
	pkgsrc-2007Q1:1.2.0.28
	pkgsrc-2007Q1-base:1.2
	pkgsrc-2006Q4:1.2.0.26
	pkgsrc-2006Q4-base:1.2
	pkgsrc-2006Q3:1.2.0.24
	pkgsrc-2006Q3-base:1.2
	pkgsrc-2006Q2:1.2.0.22
	pkgsrc-2006Q2-base:1.2
	pkgsrc-2006Q1:1.2.0.20
	pkgsrc-2006Q1-base:1.2
	pkgsrc-2005Q4:1.2.0.18
	pkgsrc-2005Q4-base:1.2
	pkgsrc-2005Q3:1.2.0.16
	pkgsrc-2005Q3-base:1.2
	pkgsrc-2005Q2:1.2.0.14
	pkgsrc-2005Q2-base:1.2
	pkgsrc-2005Q1:1.2.0.12
	pkgsrc-2005Q1-base:1.2
	pkgsrc-2004Q4:1.2.0.10
	pkgsrc-2004Q4-base:1.2
	pkgsrc-2004Q3:1.2.0.8
	pkgsrc-2004Q3-base:1.2
	pkgsrc-2004Q2:1.2.0.6
	pkgsrc-2004Q2-base:1.2
	pkgsrc-2004Q1:1.2.0.4
	pkgsrc-2004Q1-base:1.2
	pkgsrc-2003Q4:1.2.0.2
	pkgsrc-2003Q4-base:1.2
	buildlink2-base:1.2
	netbsd-1-5-RELEASE:1.1
	netbsd-1-4-PATCH003:1.1;
locks; strict;
comment	@# @;


1.2
date	2000.10.20.11.03.00;	author abs;	state dead;
branches;
next	1.1;

1.1
date	2000.09.19.20.00.04;	author agc;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Update to 1.1nb1 - avoid possible format string crash with -i '...%s...'.
No known security issues as not installed set{u,g}id
@
text
@$NetBSD: patch-ah,v 1.1 2000/09/19 20:00:04 agc Exp $

Disable unsafe -w option

--- ntop.c	2000/09/19 10:37:40	1.1
+++ ntop.c	2000/09/19 10:38:08
@@@@ -254,7 +254,7 @@@@
   initIPServices();
 
 #ifndef WIN32
-  while ((op = getopt(argc, argv, "df:F:hr:i:p:l:nw:m:")) != EOF)
+  while ((op = getopt(argc, argv, "df:F:hr:i:p:l:nm:")) != EOF)
     switch (op) {
 
 #ifndef WIN32
@@@@ -324,6 +324,7 @@@@
       numericFlag++;
       break;
 
+#if 0
     case 'w':
       if(!isdigit(optarg[0])) {
 	printf("FATAL ERROR: flag -w expects a numeric argument.\n");
@@@@ -332,6 +333,7 @@@@
       webMode++;
       webPort = atoi(optarg);
       break;
+#endif
 
     default:
       usage(0);

@


1.1
log
@Install the binary for this package as mode 550, and disable the
-w option, to avoid any compromises due to reported buffer overflow
exploits, reported in

ntop<=1.0               remote-root-shell       http://www.securityfocus.com/advisories/2520

Also, upgrade to 1.1 on the distribution site, as the old distfile
is no longer there, and 1.1 incorporates all the old patches in the
pkgsrc version bar one minor one (passing CPPFLAGS into Makefile.in
for the build environment).
@
text
@d1 1
a1 1
$NetBSD$
@