From owner-freebsd-questions@FreeBSD.ORG Tue Sep 30 08:44:18 2014 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 42AC5460 for ; Tue, 30 Sep 2014 08:44:18 +0000 (UTC) Received: from e28smtp02.in.ibm.com (e28smtp02.in.ibm.com [122.248.162.2]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "e28smtp02.in.ibm.com", Issuer "GeoTrust SSL CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AB3ED2EB for ; Tue, 30 Sep 2014 08:44:15 +0000 (UTC) Received: from /spool/local by e28smtp02.in.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 30 Sep 2014 14:03:57 +0530 Received: from d28dlp02.in.ibm.com (9.184.220.127) by e28smtp02.in.ibm.com (192.168.1.132) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Tue, 30 Sep 2014 14:03:54 +0530 Received: from d28relay01.in.ibm.com (d28relay01.in.ibm.com [9.184.220.58]) by d28dlp02.in.ibm.com (Postfix) with ESMTP id 5E87D3940043 for ; Tue, 30 Sep 2014 14:03:54 +0530 (IST) Received: from d28av02.in.ibm.com (d28av02.in.ibm.com [9.184.220.64]) by d28relay01.in.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id s8U8XLet54329416 for ; Tue, 30 Sep 2014 14:03:21 +0530 Received: from d28av02.in.ibm.com (localhost [127.0.0.1]) by d28av02.in.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id s8U8XqgX017549 for ; Tue, 30 Sep 2014 14:03:52 +0530 Received: from d23ml193.in.ibm.com (pulsar.in.ibm.com [9.182.8.45]) by d28av02.in.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id s8U8Xq7Y017533 for ; Tue, 30 Sep 2014 14:03:52 +0530 Subject: Bash Shellshock Bug X-KeepSent: BBD12885:C6A08B7B-65257D63:002E6EFF; type=4; name=$KeepSent To: questions@FreeBSD.org X-Mailer: IBM Notes Release 9.0.1 October 14, 2013 Message-ID: From: Sandeep Gangadharan1 Date: Tue, 30 Sep 2014 19:31:21 +1100 X-MIMETrack: Serialize by Router on d23ml193/23/M/IBM(Release 8.5.3FP6|November 21, 2013) at 30/09/2014 14:01:21 MIME-Version: 1.0 X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 14093008-0005-0000-0000-0000013F4471 Content-Type: text/plain; charset=US-ASCII X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Sep 2014 08:44:18 -0000 Hi Team I am a Free BSD user and using Free BSD 6.2 user. root@exi-data ~ # uname -a FreeBSD exi-data.telstra.net 6.2-RELEASE FreeBSD 6.2-RELEASE #0: Thu Oct 9 15:46:16 EST 2008 root@exi-data:/usr/obj/usr/src/sys/HP_DL380G5_EXI i386 3:06pm root@exi-data ~ # It seems my server has Bash Shellshock Bug issue. 3:02pm root@exi-data ~ # env x='() { :;}; echo vulnerable' bash -c "echo this is a test" vulnerable this is a test 3:03pm root@exi-data ~ # Can you please confirm where I can get the latest Bash RPM to fix this Bug. I don't have a direct internet connection to my server. Can you please tell me where I download and how to install the latest bash version. Regards, Sandeep Gangadharan Linux System Administrator Red Hat Certified Engineer, ITIL V3 Foundation ITD GD, India Mobile: 91-9866-859808 | Phone: 91-40-4457-6849 (Embedded image moved to file: E-mail: sandegan@in.ibm.com pic07785.gif)IBM B4 Survey No 66/1 Raidurga Vil Hyderabad, AP 500032 India