How To: Patch Bash Against Shellshock
Since you’re reading this you’re probably already aware of what Shellshock is; a number of vulnerabilities found in the widely used Bash shell system in the summer of 2014. The quickest and easiest way to patch against these vulnerabilities and ensure the safety of your system is to update your Bash to the latest version. Here are the update commands for the popular Linux distributions.
Fedora
Ubuntu
Arch
That should have you covered. However, if for any reason you wish to apply the available patches yourself you can do so by running the following commands. We’ll explain what each does.
First enter your home directory, create (mkdir) the “bash” directory in it, and enter it.
Download the bash source package from the official server.
Then download the relevant patches. This command should automatically get the ones you need.
Extract the bash package and enter its directory.
Apply all of the patches that have been previously downloaded with this:
And then recompile the newly patched bash and install.
If you want to just compile it, but not install to your system, simply remove the && make install part from the command.
Or you could simply run this one line that downloads the above as a script and does it all for you automatically:
The script is provided by Shellshocker.net, which has detailed information about the vulnerabilities, testing, updating and patching.
If you’re on a Mac just download and install the patches provided by Apple. It should be pretty straightforward. Here they are for Mavericks, Mountain Lion, and Lion.
And that’s all there is to it.
Since you’re reading this you’re probably already aware of what Shellshock is; a number of vulnerabilities found in the widely used Bash shell system in the summer of 2014. The quickest and easiest way to patch against these vulnerabilities and ensure the safety of your system is to update your Bash to the latest version. Here are the update commands for the popular Linux distributions.
Fedora
Ubuntu
Arch
That should have you covered. However, if for any reason you wish to apply the available patches yourself you can do so by running the following commands. We’ll explain what each does.
First enter your home directory, create (mkdir) the “bash” directory in it, and enter it.
Download the bash source package from the official server.
Then download the relevant patches. This command should automatically get the ones you need.
Extract the bash package and enter its directory.
Apply all of the patches that have been previously downloaded with this:
And then recompile the newly patched bash and install.
If you want to just compile it, but not install to your system, simply remove the && make install part from the command.
Or you could simply run this one line that downloads the above as a script and does it all for you automatically:
The script is provided by Shellshocker.net, which has detailed information about the vulnerabilities, testing, updating and patching.
If you’re on a Mac just download and install the patches provided by Apple. It should be pretty straightforward. Here they are for Mavericks, Mountain Lion, and Lion.
And that’s all there is to it.