When I first heard about the news of a serious security vulnerability in glibc I thought that I would soon see a lot of programs of my Linux distributions being updated. That’s because I faintly remember that I once read somewhere that in Linux, libraries are often compiled into the application instead of dynamically linked at runtime. But I guess that was not quite true, at least not for glibc anyway. So far I’ve only seen an update of the glibc library itself. Since then no other programs have been updated due to statically linking that library. So if that holds true we might have been luckier than I thought. Would be nice for a change!