$ ls -al /bin/bash
-rwxr-xr-x 1 root root 959120 Mar 29 2013 /bin/bash
$ apt-get update
$ apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
linux-image-virtual
The following packages will be upgraded:
apt apt-utils bash dbus firefox-locale-en libapt-inst1.4 libapt-pkg4.12
libdbus-1-3 libnss3 libnss3-1d
10 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Need to get 5,421 kB of archives.
After this operation, 10.2 kB of additional disk space will be used.
Do you want to continue [Y/n]?
Name : bash
Product : Fedora 19
Version : 4.2.48
Release : 2.fc19
URL : http://www.gnu.org/software/bash
Summary : The GNU Bourne Again shell
Description :
The GNU Bourne Again shell (Bash) is a shell or command language
interpreter that is compatible with the Bourne shell (sh). Bash
incorporates useful features from the Korn shell (ksh) and the C shell
(csh). Most sh scripts can be run by bash without modification.
[ 1 ] Bug #1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment
(Incomplete fix for CVE-2014-6271)
https://bugzilla.redhat.com/show_bug.cgi?id=1146319
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update bash' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
Name : bash
Product : Fedora 20
Version : 4.2.48
Release : 2.fc20
URL : http://www.gnu.org/software/bash
Summary : The GNU Bourne Again shell
Description :
The GNU Bourne Again shell (Bash) is a shell or command language
interpreter that is compatible with the Bourne shell (sh). Bash
incorporates useful features from the Korn shell (ksh) and the C shell
(csh). Most sh scripts can be run by bash without modification.
[ 1 ] Bug #1146319 - CVE-2014-7169 bash: code execution via specially-crafted environment
(Incomplete fix for CVE-2014-6271)
https://bugzilla.redhat.com/show_bug.cgi?id=1146319
--------------------------------------------------------------------------------
This update can be installed with the "yum" update program. Use
su -c 'yum update bash' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
CentOS 5 / CentOS 6 / CentOS 7
From: Johnny Hughes <johnny@centos.org>
To: centos-announce@centos.org
Subject: [CentOS-announce] CESA-2014:1306 Important CentOS 5 bash Security Update
Date: Fri, 26 Sep 2014 02:16:02 +0000
Message-ID: <20140926021602.GA3213@chakra.karan.org>
CentOS Errata and Security Advisory 2014:1306 Important
Updated bash packages that fix one security issue are now available for Red
Hat Enterprise Linux 5, 6, and 7.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
2. Relevant releases/architectures:
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
3. Description:
The GNU Bourne Again shell (Bash) is a shell and command language
interpreter compatible with the Bourne shell (sh). Bash is the default
shell for Red Hat Enterprise Linux.
It was found that the fix for CVE-2014-6271 was incomplete, and Bash still
allowed certain characters to be injected into other environments via
specially crafted environment variables. An attacker could potentially use
this flaw to override or bypass environment restrictions to execute shell
commands. Certain services and applications allow remote unauthenticated
attackers to provide environment variables, allowing them to exploit this
issue. (CVE-2014-7169)
Applications which directly create bash functions as environment variables
need to be made aware of changes to the way names are handled by this
update. For more information see the Knowledgebase article at
https://access.redhat.com/articles/1200223
Note: Docker users are advised to use "yum update" within their containers,
and to commit the resulting changes.
For additional information on CVE-2014-6271 and CVE-2014-7169, refer to the
aforementioned Knowledgebase article.
All bash users are advised to upgrade to these updated packages, which
contain a backported patch to correct this issue.
4. Solution:
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
https://access.redhat.com/articles/11258
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
Bash allowed bypassing environment restrictions in certain environments.
Software Description:
- bash: GNU Bourne Again SHell
Details:
Tavis Ormandy discovered that the security fix for Bash included in
USN-2362-1 was incomplete. An attacker could use this issue to bypass
certain environment restrictions. (CVE-2014-7169)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 14.04 LTS:
bash 4.3-7ubuntu1.2
Ubuntu 12.04 LTS:
bash 4.2-2ubuntu2.3
Ubuntu 10.04 LTS:
bash 4.1-2ubuntu3.2
In general, a standard system update will make all the necessary changes.
$ apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be upgraded:
bash grub-common
2 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
Need to get 2,715 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://archive.ubuntu.com/ubuntu/ precise-updates/main bash amd64 4.2-2ubuntu2.3 [641 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ precise-updates/main grub-common amd64 1.99-21ubuntu3.17 [2,074 kB]
Fetched 2,715 kB in 2s (1,129 kB/s)
(Reading database ... 29737 files and directories currently installed.)
Preparing to replace bash 4.2-2ubuntu2.2 (using .../bash_4.2-2ubuntu2.3_amd64.deb) ...
Unpacking replacement bash ...
Processing triggers for man-db ...
Setting up bash (4.2-2ubuntu2.3) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode.
(Reading database ... 29737 files and directories currently installed.)
Preparing to replace grub-common 1.99-21ubuntu3.16 (using .../grub-common_1.99-21ubuntu3.17_amd64.deb) ...
Unpacking replacement grub-common ...
Processing triggers for ureadahead ...
Processing triggers for man-db ...
Setting up grub-common (1.99-21ubuntu3.17) ...
$ apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
bash
1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 576 kB of archives.
After this operation, 8192 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Preparing to unpack .../bash_4.3-7ubuntu1.4_amd64.deb ...
Unpacking bash (4.3-7ubuntu1.4) over (4.3-7ubuntu1.3) ...
Processing triggers for man-db (2.6.7.1-1) ...
Processing triggers for install-info (5.2.0.dfsg.1-2) ...
Setting up bash (4.3-7ubuntu1.4) ...
update-alternatives: using /usr/share/man/man7/bash-builtins.7.gz to provide /usr/share/man/man7/builtins.7.gz (builtins.7.gz) in auto mode
$ bash --version
GNU bash, version 4.3.11(1)-release (x86_64-pc-linux-gnu)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software; you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
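Both advisories above state that the first fix for CVE-2014-6271 was incomplete, and the transcript shows why the version string is not a useful check: after bash 4.3-7ubuntu1.4 is installed, `bash --version` still reports 4.3.11(1)-release, because the distribution backports the patch without changing the upstream version. The POSIX shell script below is an added example, not part of the original page or of any vendor advisory. It probes the installed bash directly with the two public test strings for CVE-2014-6271 and CVE-2014-7169, and reports how the patched bash renames exported functions (the name-handling change the Red Hat advisory refers to). It calls `bash` explicitly rather than `sh`, since `/bin/sh` is dash on Ubuntu; the function name `probe`, the temporary-directory handling and the report format are this example's own choices.

```shell
#!/bin/sh
# Added example: probe the installed bash for the Shellshock variants covered
# by the advisories above. Run it before and after the package upgrade; the
# `bash --version` string does not change when a distribution backports a fix.
# Each check calls the bash on $PATH explicitly, because /bin/sh is dash on
# Ubuntu and would not exercise bash at all.

# Returns 0 if bash ignores a command appended to a function body smuggled in
# an ordinary variable, 1 if the appended command runs (CVE-2014-6271).
check_cve_2014_6271() {
    out=$(env x='() { :;}; echo vulnerable' bash -c 'echo this is a test' 2>/dev/null || true)
    case "$out" in
        *vulnerable*) return 1 ;;
        *)            return 0 ;;
    esac
}

# Returns 0 if bash is fixed for CVE-2014-7169, 1 if it still leaks parser
# state: on an unfixed build the crafted value leaves a '>' redirection
# pending, so 'echo date' runs 'date' with stdout redirected into a file
# literally named "echo". The probe runs in a private directory so that
# file, if created, lands nowhere important. Returns 2 if no temp dir.
check_cve_2014_7169() {
    tmp=$(mktemp -d) || return 2
    ( cd "$tmp" && env X='() { (a)=>\' bash -c 'echo date' ) >/dev/null 2>&1 || true
    if [ -e "$tmp/echo" ]; then
        rm -rf "$tmp"
        return 1
    fi
    rm -rf "$tmp"
    return 0
}

# Prints the environment variable name under which bash exports a function
# called "probe" (a name chosen for this example) and returns 0 when it
# carries the post-fix prefix: BASH_FUNC_probe() on Red Hat's builds,
# BASH_FUNC_probe%% upstream. A pre-fix bash exports it under the bare name
# "probe", which is why a service that copies attacker-supplied data into
# environment variables could have a function definition injected.
exported_function_name() {
    name=$(bash -c 'probe() { :; }; export -f probe; env' 2>/dev/null \
           | grep -E '^(BASH_FUNC_probe[^=]*|probe)=' | head -n 1 | cut -d= -f1)
    echo "${name:-unknown}"
    case "$name" in
        BASH_FUNC_probe*) return 0 ;;
        *)                return 1 ;;
    esac
}

# Human-readable summary of all three probes.
shellshock_report() {
    if check_cve_2014_6271; then echo "CVE-2014-6271: not vulnerable"
    else echo "CVE-2014-6271: VULNERABLE"; fi
    if check_cve_2014_7169; then echo "CVE-2014-7169: not vulnerable"
    else echo "CVE-2014-7169: VULNERABLE"; fi
    name=$(exported_function_name) \
        && echo "exported function name: $name (post-fix naming)" \
        || echo "exported function name: $name (pre-fix naming)"
}

shellshock_report
```

On a fixed system all three lines come back clean; on a build that only has the first CVE-2014-6271 patch, the second probe still fails and a file named `echo` appears in the scratch directory, which is exactly the "incomplete fix" the advisories describe.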