Community
Learn
Tools Library
AI Tools
Leisure
search
English
Table of Contents
CentOS repair solution
Install the yum plug-in yum-downloadonly
Add the official source of CentOS CentOS-Base.repo
Download the latest bash package
Installation The latest bash package
Verification
Add the existing rpm source
Home Operation and Maintenance CentOS How to upgrade Bash in CentOS (fix shell breaking vulnerability)

How to upgrade Bash in CentOS (fix shell breaking vulnerability)

藏色散人
藏色散人
Mar 01, 2021 pm 04:01 PM
bash centos

The following column centos tutorial will introduce you to CentOS upgrade Bash --- Repair the shell-breaking vulnerability. I hope it will be helpful to friends in need!

How to upgrade Bash in CentOS (fix shell breaking vulnerability)

Because many companies have their own yum sources, Therefore, it is not allowed to directly configure other yum sources to upgrade. In order to facilitate the upgrade and test safely, first use a test machine for testing.

CentOS repair solution

Install the yum plug-in yum-downloadonly

Note: yum-downloadonly The function of the plug-in is to download only all Need to package without installing directly

sudo yum -y install yum-downloadonly

Add the official source of CentOS CentOS-Base.repo

The official source of CentOS 5

# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the 
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#released updates 
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

Official source of CentOS 6

# CentOS-Base.repo
#
# The mirror system uses the connecting IP address of the client and the
# update status of each mirror to pick mirrors that are updated to and
# geographically close to the client. You should use this for CentOS updates
# unless you are manually picking other mirrors.
#
# If the mirrorlist= does not work for you, as a fall back you can try the 
# remarked out baseurl= line instead.
#
#
[base]
name=CentOS-$releasever - Base
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os
#baseurl=http://mirror.centos.org/centos/$releasever/os/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#released updates 
[updates]
name=CentOS-$releasever - Updates
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates
#baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
#baseurl=http://mirror.centos.org/centos/$releasever/extras/$basearch/
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#additional packages that extend functionality of existing packages
[centosplus]
name=CentOS-$releasever - Plus
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus
#baseurl=http://mirror.centos.org/centos/$releasever/centosplus/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6
#contrib - packages by Centos Users
[contrib]
name=CentOS-$releasever - Contrib
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib
#baseurl=http://mirror.centos.org/centos/$releasever/contrib/$basearch/
gpgcheck=1
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6

Download the latest bash package

Download the rpm package of the latest version of bash to the /tmp directory

sudo  yum -y install --downloadonly --downloaddir=/tmp/ bash

The downloaded package names are as follows:

CentOS 5

bash-3.2-33.el5_10.4.x86_64.rpm

CentOS 6

bash-4.1.2-15.el6_5.2.x86_64.rpm

Installation The latest bash package

CentOS 5

sudo yum -y install bash-3.2-33.el5_10.4.x86_64.rpm

CentOS 6

sudo yum -y install bash-4.1.2-15.el6_5.2.x86_64.rpm

Verification

env X='() { (a)=>\' sh -c "echo date"; cat echo The output is as follows: 

date
Mon Sep 29 10:11:56 CST 2014

env VAR='() { :; }; echo Bash is vulnerable!' bash -c "echo Bash Hello" The output is as follows: 

Bash Hello

Proof that the repair is successful

Add the existing rpm source

The last step is to add the tested package to the company's own source, and then push it to the entire network.

The above is the detailed content of How to upgrade Bash in CentOS (fix shell breaking vulnerability). For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undress AI Tool

Undress AI Tool

Undress images for free

Undresser.AI Undress

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

AI Clothes Remover

Online AI tool for removing clothes from photos.

Clothoff.io

Clothoff.io

AI clothes remover

Video Face Swap

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Show More

Hot Article

How to report an impersonation account on Instagram
4 weeks ago By 下次还敢
How to Change ChatGPT Personality in Settings (Cynic, Robot, Listener, Nerd)
3 weeks ago By DDD
How to Fight Eris in Neon Abyss
4 weeks ago By Jack chen
Steal a Brainrot Rebirth Guide: How to Do It & What You Get
3 weeks ago By Jack chen
Terminull Brigade: Best Aurora Build Guide
2 weeks ago By DDD
Show More

Hot Tools

Notepad++7.3.1

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Show More

Hot Topics

PHP Tutorial
1615
276
Setting up and using Magic Mouse in Windows
0
6
Show More
Related knowledge
.NET Core Quick Start Tutorial 1. The beginning: Talking about .NET Core .NET Core Quick Start Tutorial 1. The beginning: Talking about .NET Core May 07, 2025 pm 04:54 PM

1. The Origin of .NETCore When talking about .NETCore, we must not mention its predecessor .NET. Java was in the limelight at that time, and Microsoft also favored Java. The Java virtual machine on the Windows platform was developed by Microsoft based on JVM standards. It is said to be the best performance Java virtual machine at that time. However, Microsoft has its own little abacus, trying to bundle Java with the Windows platform and add some Windows-specific features. Sun's dissatisfaction with this led to a breakdown of the relationship between the two parties, and Microsoft then launched .NET. .NET has borrowed many features of Java since its inception and gradually surpassed Java in language features and form development. Java in version 1.6

Hadoop pseudo-distributed cluster construction Hadoop pseudo-distributed cluster construction May 07, 2025 pm 04:45 PM

Software preparation I am using a virtual machine with CentOS-6.6, with the host name repo. Refer to the steps to install a Linux virtual machine in Windows, I installed JDK in that virtual machine, refer to the guide to installing JDK in Linux. In addition, the virtual machine is configured with a key-free login itself, and the settings for configuring key-free login between each virtual machine are referenced. The download address of Hadoop installation package is: https://mirrors.aliyun.com/apache/hadoop/common/. I am using hadoop 2.6.5 version. Upload the Hadoop installation package to the server and unzip [root@repo~]#tarzxv

Postman Integrated Application on CentOS Postman Integrated Application on CentOS May 19, 2025 pm 08:00 PM

Integrating Postman applications on CentOS can be achieved through a variety of methods. The following are the detailed steps and suggestions: Install Postman by downloading the installation package to download Postman's Linux version installation package: Visit Postman's official website and select the version suitable for Linux to download. Unzip the installation package: Use the following command to unzip the installation package to the specified directory, for example /opt: sudotar-xzfpostman-linux-x64-xx.xx.xx.tar.gz-C/opt Please note that "postman-linux-x64-xx.xx.xx.tar.gz" is replaced by the file name you actually downloaded. Create symbols

CentOS: What Led to the Decision to End Support CentOS: What Led to the Decision to End Support Apr 23, 2025 am 12:10 AM

RedHatendedsupportforCentOStoshifttowardsacommerciallyfocusedmodelwithCentOSStream.1)CentOStransitionedtoCentOSStreamforRHELdevelopment.2)ThisencourageduserstomovetoRHEL.3)AlternativeslikeAlmaLinux,RockyLinux,andOracleLinuxemergedasreplacements.

How to optimize HDFS configuration on CentOS How to optimize HDFS configuration on CentOS May 19, 2025 pm 08:18 PM

Optimizing the performance of Hadoop distributed file system (HDFS) on CentOS systems can be achieved through a variety of methods, including adjusting system kernel parameters, optimizing HDFS configuration files, and improving hardware resources. The following are detailed optimization steps and suggestions: Adjust the system kernel parameters to increase the limit on the number of files opened by a single process: Use the ulimit-n65535 command to temporarily adjust. If it needs to take effect permanently, please edit the /etc/security/limits.conf and /etc/pam.d/login files. Optimize TCP parameters: Edit /etc/sysctl.conf file, add or modify the following content: net.ipv4.tcp_tw

How to customize the interface of GitLab on CentOS How to customize the interface of GitLab on CentOS May 19, 2025 pm 08:03 PM

Customize the GitLab interface on CentOS system to easily create a personalized workspace! The following steps will guide you how to change the interface language and customize the homepage style: Interface language settings Log in to GitLab: Access your GitLab server address in your browser and log in. Access settings: Click on your user avatar in the upper right corner and select "Settings". Go to User Interface Settings: In the menu on the left, find "Preferences" and select "UserInterface". Select language: In the "User Interface" drop-down menu, select "Chinese(Simplified)",

How to install MySQL on Linux system How to install MySQL on Linux system Apr 29, 2025 pm 03:57 PM

Installing MySQL on Linux can be done through the package manager. The specific steps are as follows: 1. On Ubuntu, use apt to update the package list and install the MySQL server; 2. On CentOS, use yum to install the MySQL community version and start the service. After installation, basic configuration needs to be performed, such as setting the root password and creating database and users.

What is the method of backing up CentOS HBase data What is the method of backing up CentOS HBase data May 19, 2025 pm 08:12 PM

There are many ways to back up HBase data on CentOS system. Here are some commonly used backup methods: HBase's own backup tool HBaseShell: You can use hbaseshell to perform backup operations manually. First, make sure you are connected to HBaseShell. Then, execute the following command: hbasecopy_table'source_table''destination_table',{COPY_TO'file:///pa

See all articles