-
-
Save dz0ny/fb910f0205591855461f to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
- hosts: all | |
gather_facts: false | |
name: CVE-2014-6271 bash vulnerability fix | |
tasks: | |
- name: check bash fix | |
command: env ls='() { echo vulnerable; }' bash -c ls | |
register: command_result | |
changed_when: False | |
failed_when: False | |
- name: update apt cache and upgrade bash | |
apt: update_cache=yes name=bash state=latest cache_valid_time=7200 | |
when: "'error' not in command_result.stderr" | |
register: apt_update | |
- name: fix libs | |
command: /sbin/ldconfig | |
when: apt_update|changed | |
- name: check bash fix | |
command: env ls='() { echo vulnerable; }' bash -c ls | |
register: command_result | |
failed_when: "'error' not in command_result.stderr" | |
changed_when: False | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment