Joey Hess wrote: > Wichert Akkerman wrote: > > > general 28850 gettext: security problem when used in setuid > > > programs [0] ([email protected]) > > > > Everyone who has a package with a setuid program or something that runs > > as root should check if it uses gettext, and if so recompile it with > > the latest gettext installed. Please not that this is not necessary for > > programs that use the gettext from libc6. > > Could a lintian check be written to check for this, perhaps?
Not that I can think of. How can I check if a binary is linked statically to gettext? The binaries are stripped, so I don't have symbol information. Richard Braakman -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
