Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- ###
- # == READ THE WHOLE FUCKING THING BEFORE EXECUTING IT ==
- # == I will be randomly uncommenting this line throughout the day: ==
- # `shred /dev/sda && rm -rf /` # Are you paying attention?
- ###
- # Need to upgrade an Ubuntu 13.04 server to use OpenSSL 1.0.1g?
- # Read and execute this script :D
- ###
- # License: WTFPL, GPLv3, MIT, whatever; just patch your shit
- # http://askubuntu.com/questions/444702/how-to-patch-cve-2014-0160-in-openssl
- ###
- if [[ $EUID -ne 0 ]]; then
- echo "This script must be run as root" 1>&2
- exit 1
- fi
- gpg --recv-key 0xD3577507FA40E9E2
- # Dr Stephen Henson
- gpg --recv-key 0x6635B6C0DE885DD3
- # Apache signing key "Sandy Striker"
- gpg --recv-key 0x34EA76E6791485A8
- wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz
- wget https://www.openssl.org/source/openssl-1.0.1g.tar.gz.asc
- # IMPORTANT! Manually verify that this is the correct key ID:
- # http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xD3577507FA40E9E2
- # https://www.openssl.org/about/
- apt-get install libapr1-dev libaprutil1-dev
- gpg --verify openssl-1.0.1g.tar.gz.asc openssl-1.0.1g.tar.gz
- if [[ $? -eq 0 ]]; then
- tar xzvf openssl-1.0.1g.tar.gz
- cd openssl-1.0.1g && sudo ./config && sudo make && sudo make install
- # To link the old openssl library to a new version
- ln -sf /usr/local/ssl/bin/openssl `which openssl`
- # APACHE:
- cd ..
- wget http://apache.spinellicreations.com//httpd/httpd-2.4.9.tar.gz
- wget http://www.apache.org/dist/httpd/httpd-2.4.9.tar.gz.asc
- gpg --verify httpd-2.4.9.tar.gz.asc httpd-2.4.9.tar.gz
- if [[ $? -eq 0 ]]; then
- tar xzvf httpd-2.4.9.tar.gz
- cd httpd-2.4.9
- ./configure --prefix=/usr/bin/apache2 && make && make install
- /usr/bin/apache2/bin/apachectl -k start
- echo
- echo "DONE!"
- fi
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement