|
10 years ago 6 |
Hi, use this commands for fixing the Shellshock bash bug in Linux Mint 16:
# Try first with upgrade only Bash
sudo apt-get update && sudo apt-get install --only-upgrade bash
# If you do not find bash upgrades you must manual upgrade bash
mkdir gnubash
cd gnubash
# Download bash
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
for i in $(seq -f "03g" 0 29); do wget http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done
tar zxvf bash-4.3.tar.gz
cd bash-4.3
for i in $(seq -f "03g" 0 29); do patch -p0 < ../bash43-$i; done
# You must elevate your privileges to root
sudo su -
./configure && make && make install
# See the results with
env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test
# If you see only the words "Bash test" that's all good !!!
Thanks for your suggestions, loops corrected. Have a nice day!
Oh I see, the formatting code is getting interpreted by the parsing engine for this forum! Haha, ok so the tutorial above is spot on but we don't get to see the formatting code.
To all those looking to get this working, the correction is:
for i in $(seq -f "% 0 3 g" 0 26); do
...but with no spaces in "% 0 3 g"
woops sorry, that correction should be:
for i in $(seq -f "g" 0 29); do
Worked like a charm for my system (Mint 16 / MATE / x64) however I had to make a couple slight modifications.
Both of the "for" loops have an invalid formatting declaration. To make it work, simply change these:
for i in $(seq -f "g" 0 26); do
...to this:
for i in $(seq -f "03g" 0 29); do
...that will apply the command to all 29 patches available at the time of this comment being written.
Thanks for the fix angelo_allegra, saved me a lot of hassle in upgrading to Mint 17.