Re: List of bugs that *must* be fixed before releasing Slink
Joey Hess wrote:
> Wichert Akkerman wrote:
> > > general 28850 gettext: security problem when used in setuid programs [0] (debian-devel@lists.debian.org)
> >
> > Everyone who has a package with a setuid program or something that runs
> > as root should check if it uses gettext, and if so recompile it with
> > the latest gettext installed. Please not that this is not necessary for
> > programs that use the gettext from libc6.
>
> Could a lintian check be written to check for this, perhaps?
Not that I can think of. How can I check if a binary is linked statically
to gettext? The binaries are stripped, so I don't have symbol information.
Richard Braakman
--
To UNSUBSCRIBE, email to debian-testing-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: