Linux SSH bash紧急安全补丁!重要!
漏洞级别:非常严重
漏洞信息:Bash CVE-2014-6271
1.测试是否存在漏洞,执行以下命令:
# env t='() { :;}; echo You are vulnerable.' bash -c "true"
如果显示You are vulnerable,很遗憾,必须立即打上安全补丁修复
2.修复漏洞办法
centos:(最终解决方案) yum clean all yum makecache yum -y update bash ubuntu:(最终解决方案) apt-cache gencaches apt-get -y install --only-upgrade bash debian:(最终解决方案) 7.5 64bit && 32bit apt-cache gencaches apt-get -y install --only-upgrade bash 6.0.x 64bit wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3+deb6u2_amd64.deb && dpkg -i bash_4.1-3+deb6u2_amd64.deb 6.0.x 32bit wget http://mirrors.aliyun.com/debian/pool/main/b/bash/bash_4.1-3+deb6u2_i386.deb && dpkg -i bash_4.1-3+deb6u2_i386.deb aliyun linux:(最终解决方案) 5.x 64bit wget http://mirrors.aliyun.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5_10.4.x86_64.rpm && rpm -Uvh bash-3.2-33.el5_10.4.x86_64.rpm 5.x 32bit wget http://mirrors.aliyun.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5_10.4.i386.rpm && rpm -Uvh bash-3.2-33.el5_10.4.i386.rpm