Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #first find out the version you have so you know what to get for the patches and source files
- dpkg-query -l|grep bash
- ii bash 4.1-3 The GNU Bourne Again SHell
- #do this in the /usr/src dir
- cd /usr/src
- wget http://ftp.gnu.org/gnu/bash/bash-4.1.tar.gz
- tar zxvf bash-4.1.tar.gz
- cd bash-4.1
- # fetch all patches, including latest ones that patches CVE-2014-6271
- for i in $(seq -f "%03g" 0 14); do
- wget -nv http://ftp.gnu.org/gnu/bash/bash-4.1-patches/bash41-$i
- patch -p0 < bash41-$i
- done
- # check if yacc is installed. if not - install yacc
- apt-get install bison
- # configure,compile and install bash (this will install bash into /usr/local/bin/bash)
- ./configure && make
- make install
- # make a symlink from /bin/bash to the new binary
- mv /bin/bash /bin/bash.old
- ln -s /usr/local/bin/bash /bin/bash
- # check that you're not vulnerable anymore wiith the output of the following
- # it should not output vulnerable word anymore
- env x='() { :;}; echo vulnerable' bash -c echo
- #you can Delete the old one thats a problem
- rm /bin/bash.old
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement