If you are not aware, there is a critical bug in Bash that lets an attacker craft an attack using environment variables. While a partial patch has been released on Linux, Apple has yet to release a patch. However, there is a fix for it, and I came up with a script to automate the process.
This will work on Mavericks. Mountain Lion might work with this patch. Do not run on Yosemite Beta since it uses a newer version.
bashupgrade.sh usage:
- -c : checks whether your version of bash is vulnerable to the bug.
- -i : compiles and installs the patch.
Note: You must install Xcode and Command Line Tools before executing this script. This script also has to be run as root.
When Apple releases an official patch, please install that and verify.
Note: The script has been upgraded to patch CVE-2014-7169 with additional checks.
Update: Fix will work in Leopard (as long as Xcode 3.1.2 is installed), meaning it will work in Snow Leopard and Lion as well.
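For verifying a bash binary before and after patching, here is a behavioural check in the spirit of the -c option. It is an added example, not the bashupgrade.sh source: the function names, the variable names and the marker string are assumptions made for illustration, and the probes are the widely published harmless diagnostics for the environment-variable bug and for CVE-2014-7169.

```shell
#!/bin/sh
# Added example (not bashupgrade.sh): probe a bash binary with harmless markers.

# check_env_import BASH_PATH -> prints "vulnerable", "not vulnerable" or "not found"
check_env_import() {
    bash_bin=$(command -v "$1") || { echo "not found"; return 1; }
    # The variable holds a function definition followed by an extra command.
    # An unpatched bash runs that trailing echo while importing the variable.
    out=$(env probe='() { :;}; echo IMPORT_MARKER' "$bash_bin" -c 'echo done' 2>/dev/null) || true
    case $out in
        *IMPORT_MARKER*) echo "vulnerable" ;;
        *)               echo "not vulnerable" ;;
    esac
}

# check_cve_2014_7169 BASH_PATH -> same three answers
check_cve_2014_7169() {
    bash_bin=$(command -v "$1") || { echo "not found"; return 1; }
    # Work in a scratch directory: an affected parser leaves a file named
    # "echo" behind, so nothing is written next to real files.
    tmp=$(mktemp -d) || return 1
    ( cd "$tmp" && env X='() { (a)=>\' "$bash_bin" -c 'echo date' >/dev/null 2>&1 ) || true
    if [ -e "$tmp/echo" ]; then
        echo "vulnerable"
    else
        echo "not vulnerable"
    fi
    rm -rf "$tmp"
}

# When given a path as an argument, report on both checks.
if [ "$#" -gt 0 ]; then
    echo "environment import: $(check_env_import "$1")"
    echo "CVE-2014-7169:      $(check_cve_2014_7169 "$1")"
fi
```

Run it against every bash on the system (for example `/bin/bash` and any copy under `/usr/local/bin`), since patching one binary leaves the others unchanged.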
Before:
After:
…