chrishein/gist:fbca665930b7f20e64a1

## gistfile1.txt
# http://packages.ubuntu.com/trusty/bash

# Check dependencies versions
dpkg -s dash | grep Version
dpkg -s libc6 | grep Version
dpkg -s base-files | grep Version
dpkg -s debianutils | grep Version
dpkg -s bash-completion | grep Version

# Download and install
wget http://security.ubuntu.com/ubuntu/pool/main/b/bash/bash_4.3-7ubuntu1.3_amd64.deb
sudo dpkg -i bash_4.3-7ubuntu1.3_amd64.deb
dpkg -s bash | grep Version


# Verify patched for Shellshock (CVE-2014-6271)
env x='() { :;}; echo vulnerable' bash -c 'echo hello'

#Verify patched for Aftershock (CVE-2014-7169)
env var='() {(a)=>\' bash -c "echo date"; cat echo; rm -f echo

# Some days after ... switch to a LTS Ubuntu version
	# http://packages.ubuntu.com/trusty/bash

	# Check dependencies versions
	dpkg -s dash \| grep Version
	dpkg -s libc6 \| grep Version
	dpkg -s base-files \| grep Version
	dpkg -s debianutils \| grep Version
	dpkg -s bash-completion \| grep Version

	# Download and install
	wget http://security.ubuntu.com/ubuntu/pool/main/b/bash/bash_4.3-7ubuntu1.3_amd64.deb
	sudo dpkg -i bash_4.3-7ubuntu1.3_amd64.deb
	dpkg -s bash \| grep Version


	# Verify patched for Shellshock (CVE-2014-6271)
	env x='() { :;}; echo vulnerable' bash -c 'echo hello'

	#Verify patched for Aftershock (CVE-2014-7169)
	env var='() {(a)=>\' bash -c "echo date"; cat echo; rm -f echo

	# Some days after ... switch to a LTS Ubuntu version