Bash Hell

Yes folks, that’s right. More patches for bash! While I still don’t believe the bash vulnerabilities can be exploited remotely, I am keeping bash up to date on production servers. (I would feel like a complete ID10t if a PEBCAK error on my part led the the breach of one of my beloved boxen.)

I noticed yesterday, Sunday October 5, 2014, that yet another bash patch is available for version 2.05b through 4.3. So, I set about building patched packages for each version of Slackware we use in production.

For me, that’s yet another day in BASH Hell! (Said aloud, it still sounds like bash shell -)

Here are the latest versions reported by my Slackware boxen (as of 6 October 2014 and as reported by the versions I built):

GNU bash, version 4.3.30 (Slackware Current and Slackware 14.1)
GNU bash, version 4.2.53 (Slackware 14.0)
GNU bash, version 4.1.17 (Slackware 13.37 and Slackware 13.1)
GNU bash, version 3.1.23 (Slackware 13.0 and Slackware 12.2)

NOTE: BASH 2.05b, 3.0, 3.2, and 4.0 are not used by any of the versions of Slackware we have in production, so I don’t have versions for those.

The latest patch for 2.05b is: 13
The latest patch for 3.0 is: 22The latest patch for 3.2 is 57
The latest patch for 4.0 is: 44

I’m getting tired of typing: ./bash.SlackBuild and upgradepkg bash!

Happy Slacking,
Stu…

Leave a Comment