Skip to content

Instantly share code, notes, and snippets.

@jasoncodes

jasoncodes/fix-bash.sh

Last active August 29, 2015 14:06
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jasoncodes/288167aec74a17384173 to your computer and use it in GitHub Desktop.
Save jasoncodes/288167aec74a17384173 to your computer and use it in GitHub Desktop.
Download ZIP
Shellshock (CVE-2014-6271 and CVE-2014-7169) patch for OS X 10.9 Mavericks
Raw
fix-bash.sh
#!/bin/bash -e
# Shellshock (CVE-2014-6271 and CVE-2014-7169) patch for OS X 10.9 Mavericks
# Based on http://apple.stackexchange.com/a/146851
cd /tmp
mkdir bash-fix
cd bash-fix
curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
cd bash-92/bash-3.2
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0
cd ..
xcodebuild
build/Release/bash --version
build/Release/sh --version
sudo cp -ai /bin/bash /bin/bash.old
sudo cp -ai /bin/sh /bin/sh.old
sudo install -o root -g wheel build/Release/bash /bin/
sudo install -o root -g wheel build/Release/sh /bin/
ls -l /bin/{sh,bash}{,.old}
@jasoncodes
Copy link
Author 

curl -sL https://gist.github.com/jasoncodes/288167aec74a17384173/raw/fix-bash.sh -o /tmp/bash-fix.sh
chmod +x /tmp/bash-fix.sh
/tmp/bash-fix.sh

@jasoncodes
Copy link
Author

http://support.apple.com/kb/DL1769

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment