Bash "shellshock" CVE-2014-6271 CVE-2014-7169 - legacy system patch help
All,
I have a legacy system running conary that I can't easily replace. Now that rPath is gone, the repositories are stale. I've tested the installed version of bash, and it's vulnerable. There is a patch available for the version that's running. My questions: 1) Can I patch an installed version, or must I patch the source, then install from source (hope it's the former!)?; 2) What is the specific command to apply the patch? I assume I have to aim the patch at something. Any help would be greatly appreciated. Thanks. Diggy |
You have to apply the patch to source code.
For patching, you can usually just apply it like this: Code:
# patch -Np1 < this-file-is-a-patch.patch Code:
# tar -xvf bash-4.3.tar.gz |
Thank you, coralfang.
|
Quote:
Quote:
//Ah, I see this was answered already, bit late, but I'll keep it in. Quote:
- Download the source of your Bash version, unpack it and cd into the directory, - Download the most recent patch for your Bash version from https://ftp.gnu.org/pub/gnu/bash/bash-*-patches/, - Verify its signature, - Then run 'cat bash43-001 | patch -p0', followed by the usual './configure; make install', - Test. |
All times are GMT -5. The time now is 04:44 AM. |