How to fix severe Bash vulnerabilities in CentOS

How to fix severe Bash vulnerabilities in CentOS
Hello, a very serious security vulnerability (vulnerability reference https://access.redhat.com/security/cve/CVE-2014-6271) was recently detected in the Linux official built-in Bash, hackers can take advantage of this Bash vulnerability to fully control the target system and initiate attacks, to avoid the impact on your Linux server, we recommend that you fix the vulnerability as soon as possible. The solution is as follows! V! & P (YO:
LT_iS ^ & 1
Note: The current solution is officially provided by Linux. The official solution to this vulnerability may still be bypassed. We will provide a more thorough solution in the future. QVtM. oi! Q
BJ5} GX!
* ARX \ TnN
[Software and system confirmed to be used] l r ~ GG3
All Linux operating systems that have installed GNU bash versions earlier than or equal to 4.3. ; LMWNy4
6ep> hS4A &
R} W2Ak \
[Vulnerability description] kg> D
This vulnerability is caused by the special environment variables created before the bash shell you call. These variables can contain code and will be executed by bash. 4l @) K9F
J * 3} 1L4P
#/"+
[Vulnerability Detection Method]/3B6Mtb
Vulnerability Detection command: env x = '() {:;}; echo vulnerable' bash-c "echo this is a test" DC :) Ysuj
~ Uj; qq
! '0s0a8
Before repair> oJkJ $ | wU
Output: Uyx & E? SlEq
Vulnerable y % cO # P @
This is a test qf8 [! 5GM
9 [Qd) % MO
O # _ b7i
UVEz after the repair solution is used; <5 @\
Bash: warning: x: ignoring function definition attempt a07 = tD
Bash: error importing function definition for 'X' \ Fb | {6 +
This is a test failed *) % n5 ,\
Note: This fix will not affect the environment. If your script defines the environment variables using the preceding method, an error will be reported during script execution. N1x @-/xa |
Ry0 % [[
LE5v-z? & |
[Recommended repair solution] glUo7 ^ ay7
,) Fkr] '<
Select the command to be repaired based on the Linux version. To prevent unexpected situations, we recommend that you take a snapshot of the system disk of the Linux server before executing the command, if the upgrade affects your server usage, you can roll back the system disk snapshot. , K0r
; # K-) m %
Centos: 'az/U [

Yum-y update bash Lm % GR [tyQ
M ~ '> '4
Ubuntu: p> * I $
14.04 64bit! <N "6KA.
Wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_amd64.deb & dpkg-I bash_4.3-7ubuntu1.1_amd64.deb AuiFbRFi
KfY $ ka [} "S
14.04 32bit G ^ Tk 20 *
Wget http://mirrors.aliyun.com/fix_stuff/bash_4.3-7ubuntu1.1_i386.deb & dpkg-ibash_4.3-7ubuntu1.1_i386.deb o> lmst % <
[= % YV # O
, | T7hTn =
12.04 64bit XcfKx @ l
Http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_amd64.deb & dpkg-ibash_4.2-2ubuntu2.2_amd64.deb t + TYb # Tc
B. yh8 | &
12.04 32bit pW? & J> \ 6
Wget http://mirrors.aliyun.com/fix_stuff/bash_4.2-2ubuntu2.2_i386.deb & dpkg-ibash_4.2-2ubuntu2.2_i386.deb Y} STF
Q/& y *) & 'o
10. × 64bit oFC)
Wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_amd64.deb & dpkg-I bash_4.1-2ubuntu3.1_amd64.deb + cB & Mi5
~ H/2R
10. × 32bit & # m "/g7w4N
Wget http://mirrors.aliyun.com/fix_stuff/bash_4.1-2ubuntu3.1_i386.deb & dpkg-I bash_4.1-2ubuntu3.1_i386.deb O & Z' r
Cu7 (.
4? (W %?
Debian: g! J0L7i |
7.5 64bit & 32bit 3I = kr
Apt-get-y install -- only-upgrade bash kCP $ I732
RMXzU
6.0.x 64bit GG6 % bF
Wget http://mirrors.aliyun.com/debian/pool/main/ B /bash/bash_4.1-3%2bdeb6u1_amd64.deb & dpkg-I bash_4.1-3 + deb6u1_amd64.deb 8Jr? ZDf'
RR {,) fX;
6.0.x 32bit W? RE 'qv8
Wget http://mirrors.aliyun.com/debian/pool/main/ B /bash/bash_4.1-3%2bdeb6u1_i386.deb & dpkg-I bash_4.1-3 + deb6u1_i386.deb: ', 3 h %
) @ G; j>
Opensuse: \ FzM4-
13.1 64bit uOi & G: =
Wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.x86_64.rpm & rpm-Uvh bash-4.2-68.4.1.x86_64.rpm I u] &;
V64L, u # 'l
6LUC! Sh
13.1 32bit Oe] & (
Wget http://mirrors.aliyun.com/fix_stuff/bash-4.2-68.4.1.i586.rpm & rpm-Uvh bash-4.2-68.4.1.i586.rpm 6j9)/HP
= [TSd) D, y
Aliyun linux: k'klc. j
5. x 64bit % 1U '@ 0
Wget http://mirrors.aliyun.com/centos/5/updates/x86_64/RPMS/bash-3.2-33.el5.1.x86_64.rpm & rpm-Uvh bash-3.2-33.el5.1.x86_64.rpm "> jwh.
PxINw> \ Qv
5. x 32bit xK % =
Wget http://mirrors.aliyun.com/centos/5/updates/i386/RPMS/bash-3.2-33.el5.1.i386.rpm & rpm-Uvh bash-3.2-33.el5.1.i386.rpm + Ezgn/bS &