bash shellshock how to manually patch when there is no update for Centos/Debian/Ubuntu/Fedora

wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
tar xzvf bash-4.3.tar.gz
cd bash-4.3/
wget --no-directories --level 1 --recursive http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
for patch in `ls bash43-*|grep -v .sig$`; do
echo applying "$patch"
patch -p0 < $patch
done

./configure;make;make install
#it will install to /usr/bin/bash but if your bash is somewhere else you need to overwrite the old one.

#eg.
#mv /usr/bin/bash /bin/bash

To test if you are still vulnerable you should see output like below when running this
env x='() { :;}; echo compevo warning you are vulnerable' bash -c "compevo notice you are not vulnerable"

The output should be this:

bash: compevo: command not found


Tags:

bash, shellshock, manually, update, centos, debian, ubuntu, fedorawget, http, ftp, gnu, org, tar, gz, xzvf, wget, directories, recursive, patches, ls, grep, sig, echo, applying, quot, configure, install, usr, bin, overwrite, eg, mv, output, env, compevo,

Latest Articles

  • Cisco Switches How To Get Of Port Line Status Console Messages
  • Cisco DHCP Snooping Relay Setup Information
  • Cisco Switch Setup Guide Command List
  • Cisco 2960 Switch Reset To Factory Defaults
  • How To Boot Cisco CUCM UCSInstall 8.6, 10, 11 and 12 on KVM/Proxmox
  • VBOX VirtualBox How To Import Raw .img Disk File
  • Windows Server 2012, 2016, 2019 How To Install and Missing Disabled Telnet Client
  • proxmox vm networking breaks when you restart your network on the hostnode
  • Linux ln symlink how to update existing symbolic link
  • Ubuntu 18.04 / Linux Mint 19.1 Cannot Type or Login - solution
  • LUKS Hard Drive Encryption on Linux Mint Ubuntu Debian etc how to mount encrypted hard drive
  • How to use nmap locate other machines/computers/servers on your network using nmap
  • Linux Mint 18.2 Create Config File To Start Application Upon Login
  • Dell Wyse Thin Client BIOS Access Key
  • sudoers file in /etc warning about comments/includes!
  • Centos 7 Reallocate logical volume space to another
  • lvm how to reduce volume size
  • letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."
  • SSH error cannot Forward or Listen "bind: Cannot assign requested address"
  • X11 SSH Linux Forwarding Error