### Continue to fix the bash vulnerability in the debian7 wheezy version by performing the following operations:
1. Test whether upgrade is required
# Env x = '() {:;}; echo vulnerable 'bash-c "echo this is a test"# The following figure is displayed. Upgrade required.
Vulnerable
This is a test
2. Offline upgrade
### Many servers cannot go out of the Internet, but can only download and upgrade
# Wget http://security.debian.org/debian-security/pool/updates/main/ B /bash/bash_4.2+dfsg-0.1+deb7u1_amd64.deb
# Dpkg-I bash_4.2 + dfsg-0.1 + deb7u1_amd64.deb
(Reading database... 38868 files and directories currently installed .)
Preparing to replace bash 4.2 + dfsg-0.1 (using bash_4.2 + dfsg-0.1 + deb7u1_amd64.deb )...
Unpacking replacement bash...
Setting up bash (4.2 + dfsg-0.1 + deb7u1 )...
Update-Alternatives: Using/usr/share/man/man7/bash-builtins.7.gz to provide/usr/share/man/man7/builtins.7.gz (builtins.7.gz) in Auto Mode
# Dpkg-l bash # view the upgraded version
Desired = unknown/install/remove/purge/hold
| Status = Not/inSt/conf-files/unpacked/half-CONF/half-inSt/trig-await/trig-pend
|/Err? = (None)/reinst-required (status, err: uppercase = bad)
|/Name VERSION architecture description
++-======================================================== ============================================================ ======================================
II bash 4.2 + dfsg-0.1 + de amd64 GNU Bourne again shell
# Env x = '() {:;}; echo vulnerable 'bash-c "echo this is a test"# The following is displayed: the upgrade is complete.
Bash: Warning: X: Ignoring Function Definition Attempt
Bash: Error importing function definition for 'X'
This is a test
This article is based on the programmer's Life Collection and Internet. The copyright belongs to the original author.
Debian7 offline upgrade bash vulnerability Repair Method