| layout | title | categories | author |
|---|---|---|---|
post |
Protect your bash from Shellshock |
Instances |
NicolasLM |
On September 24th a critical security issue has been found in bash. The issue
is called
Shellshock. Under
certain circumstances, a remote attacker could execute commands on the system
using this breach. Here is what to do to safely use RunAbove systems.
Images on RunAbove has been updated with the latest security fix. Each new instance will not be vulnerable anymore. You do not need to do anything else.
For instances launched before September 26th it is very important to update
bash.
By now all distribution vendors have fixed the issue in the bash package. To
benefit from the fix you only need to update your system with the package
manager.
On Debian and Ubuntu you can update your system with apt:
sudo apt-get update && sudo apt-get upgrade
On Fedora and CentOS you can update your system with yum:
sudo yum update
If you feel like compiling the latest version of bash from sources you can
fetch the tarball and run the build with:
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
tar -xf bash-4.3.tar.gz
cd bash-4.3
make
You can then install it:
make install