"Shellshock" bash bug
Colin Law
clanlaw at gmail.com
Sat Sep 27 09:57:42 UTC 2014
On 27 September 2014 07:50, Colin Law <clanlaw at gmail.com> wrote:
> On 26 September 2014 22:50, Colin Law <clanlaw at gmail.com> wrote:
>> ...
>> It is a sheeva plug computer with an Arm processor. Jaunty was the
>> last ubuntu version that supported the chip.
>
> There may be a solution that will close the hole anyway, which is
> certainly a good idea even if I am not actually at risk, which is to
> patch and build bash, which it seems is simpler than might have been
> thought, assuming this link can be believed.
> http://superuser.com/questions/816787/how-do-i-patch-the-shellshock-vulnerability-on-an-obsolete-ubuntu-system-that-i
Just in case anyone is interested, that seemed to go well and I now
have a patched version of bash running. There were a couple of
deficiencies in the script, and I thought it a good idea to keep a
copy of the original bash, so I did
sudo cp /bin/bash /bin/bash.orig
cd ~
mkdir src
cd src
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
#download all patches
for i in $(seq -f "%03g" 1 26); do wget
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done
tar zxvf bash-4.3.tar.gz
cd bash-4.3
#apply all patches
for i in $(seq -f "%03g" 1 26);do patch -p0 < ../bash43-$i; done
#build and install
./configure --prefix=/ && make && sudo make install
cd ..
cd ..
rm -r src
Closed and re-opened the terminal to get the new bash and checked that it is ok.
Rebooted - not sure if that was necessary or not.
Colin
More information about the ubuntu-users
mailing list