http://www.linuxquestions.org/questi...06#post5244106
Manual patch instructions for Debian and CentOS.
http://www.linuxquestions.org/questi...06#post5244106
Manual patch instructions for Debian and CentOS.
Is this the beginning of the attacks on 'Nix based systems?
I think you kind of missed the point.
Anything that runs bash. I posted specific instructions for Debian and CentOS because I look after those systems. Feel free to post for other flavours, like Apple for instance which is also vulnerable however you pretty much need to be running an internet facing web server so that mitigates most OS X installs out there.
This script will recompile bash with a patch against shellshock on Debian 5. I still have a few old legacy boxes running it, really must upgrade. From https://dmsimard.com/2014/09/25/the-...-vulnerability
#!/bin/bash
# dependencies
apt-get update; apt-get install build-essential gettext bison
# get bash 3.2 source
wget http://ftp.gnu.org/gnu/bash/bash-3.2.tar.gz
tar zxvf bash-3.2.tar.gz
cd bash-3.2
# download and apply all patches, including the latest one that patches CVE-2014-6271
# Note: CVE-2014-6271 is patched by release 52.
# Release 53 is not out on the GNU mirror yet - it should address CVE-2014-7169.
for i in $(seq -f "%03g" 1 52); do
wget -nv http://ftp.gnu.org/gnu/bash/bash-3.2-patches/bash32-$i
patch -p0 < bash32-$i
done
# compile and install to /usr/local/bin/bash
./configure && make
make install
# point /bin/bash to the new binary
mv /bin/bash /bin/bash.old
ln -s /usr/local/bin/bash /bin/bash
Right. I had Apple in mind when I posted previously. It just seems like Apple is gaining so much in popularity that maybe the attacks are going to start happening more and more now. And since Apple is basically Linux, then it just makes sense that attacks, exploits, vulnerabilities will start popping up in the mainstream now for all of those things.
Anyway, I didn't mean to hi-jack the thread with all this. Basically just throwing out a thought I had about this.