Joey Hess wrote: > Wichert Akkerman wrote: > > > general 28850 gettext: security problem when used in setuid > > > programs [0] (debian-devel@lists.debian.org) > > > > Everyone who has a package with a setuid program or something that runs > > as root should check if it uses gettext, and if so recompile it with > > the latest gettext installed. Please not that this is not necessary for > > programs that use the gettext from libc6. > > Could a lintian check be written to check for this, perhaps?
Not that I can think of. How can I check if a binary is linked statically to gettext? The binaries are stripped, so I don't have symbol information. Richard Braakman