Created
September 25, 2014 19:53
-
-
Save umrysh/796d525327f2b1c12abe to your computer and use it in GitHub Desktop.
Patch the bash CVE-2014-6271 vulnerability (shellshock) on old versions of Debian (5 - Lenny, 6 - Squeeze) and OpenMediaVault
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # Put this in /usr/local/src/, make it executable and run it. | |
| # Script From [https://dmsimard.com/2014/09/25/the-bash-cve-2014-6271-shellshock-vulnerability/] | |
| # | |
| # dependencies | |
| apt-get update; apt-get install build-essential gettext bison | |
| # get bash 3.2 source | |
| wget http://ftp.gnu.org/gnu/bash/bash-3.2.tar.gz | |
| tar zxvf bash-3.2.tar.gz | |
| cd bash-3.2 | |
| # download and apply all patches, including the latest one that patches CVE-2014-6271 | |
| for i in $(seq -f "%03g" 1 52); do | |
| wget -nv http://ftp.gnu.org/gnu/bash/bash-3.2-patches/bash32-$i | |
| patch -p0 < bash32-$i | |
| done | |
| # compile and install to /usr/local/bin/bash | |
| ./configure && make | |
| make install | |
| # point /bin/bash to the new binary | |
| mv /bin/bash /bin/bash.old | |
| ln -s /usr/local/bin/bash /bin/bash |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment