bash shellshock how to manually patch when there is no update for Centos/Debian/Ubuntu/Fedora

wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
tar xzvf bash-4.3.tar.gz
cd bash-4.3/
wget --no-directories --level 1 --recursive http://ftp.gnu.org/gnu/bash/bash-4.3-patches/
for patch in `ls bash43-*|grep -v .sig$`; do
echo applying "$patch"
patch -p0 < $patch
done

./configure;make;make install
#it will install to /usr/bin/bash but if your bash is somewhere else you need to overwrite the old one.

#eg.
#mv /usr/bin/bash /bin/bash

 

To test if you are still vulnerable you should see output like below when running this
env x='() { :;}; echo compevo warning you are vulnerable' bash -c "compevo notice you are not vulnerable"
 

The output should be this:

bash: compevo: command not found
 


Tags:

bash, shellshock, manually, update, centos, debian, ubuntu, fedorawget, http, ftp, gnu, org, tar, gz, xzvf, wget, directories, recursive, patches, ls, grep, sig, echo, applying, quot, configure, install, usr, bin, overwrite, eg, mv, output, env, compevo,

Latest Articles

  • qemu: could not load PC BIOS 'bios-256k.bin' solution
  • Proxmox How To Custom Partition During Install
  • Hyper-V Linux VM Boots to Black Screen, Storage, NIC Not Found Issues
  • Ubuntu Mint How to Fix Missing/Broken /dev and /dev/pts which causes terminal to immediately close exit and not work
  • How high can a Xeon CPU get?
  • bash fix PATH environment variable "command not found" solution
  • Ubuntu Linux Mint Debian Redhat Youtube Cannot Play HD or 4K videos, dropped frames or high CPU usage with Nvidia or AMD Driver
  • hostapd example configuration for high speed AC on 5GHz using WPA2
  • hostapd how to enable and use WPS to connect wireless devices like printers
  • Dell Server Workstation iDRAC Dead after Firmware Update Solution R720, R320, R730
  • Cloned VM/Server/Computer in Linux won't boot and goes to initramfs busybox Solution
  • How To Add Windows 7 8 10 11 to GRUB Boot List Dual Booting
  • How to configure OpenDKIM on Linux with Postfix and setup bind zonefile
  • Debian Ubuntu 10/11/12 Linux how to get tftpd-hpa server setup tutorial
  • efibootmgr: option requires an argument -- 'd' efibootmgr version 15 grub-install.real: error: efibootmgr failed to register the boot entry: Operation not permitted.
  • Apache Error Won't start SSL Cert Issue Solution Unable to configure verify locations for client authentication SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line SSL Library Error: 185090057 error:0B084009:x509 certif
  • Linux Debian Mint Ubuntu Bridge br0 gets random IP
  • redis requirements
  • How to kill a docker swarm
  • docker swarm silly issues