From owner-freebsd-questions@FreeBSD.ORG Tue Sep 30 13:28:05 2014 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 984EDB58 for ; Tue, 30 Sep 2014 13:28:05 +0000 (UTC) Received: from mx01.qsc.de (mx01.qsc.de [213.148.129.14]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 47DF1B37 for ; Tue, 30 Sep 2014 13:28:05 +0000 (UTC) Received: from r56.edvax.de (port-92-195-18-143.dynamic.qsc.de [92.195.18.143]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx01.qsc.de (Postfix) with ESMTPS id 407013CEA6; Tue, 30 Sep 2014 15:28:02 +0200 (CEST) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id s8UDS1Ia001875; Tue, 30 Sep 2014 15:28:01 +0200 (CEST) (envelope-from freebsd@edvax.de) Date: Tue, 30 Sep 2014 15:28:01 +0200 From: Polytropon To: Sandeep Gangadharan1 Subject: Re: Bash Shellshock Bug Message-Id: <20140930152801.cd7a2a5e.freebsd@edvax.de> In-Reply-To: References: <20140930110034.a637ab6d.freebsd@edvax.de> Reply-To: Polytropon Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Sep 2014 13:28:05 -0000 On Tue, 30 Sep 2014 20:10:47 +1100, Sandeep Gangadharan1 wrote: > Hi Team > > Is there anyway to get patch for my FreeBSD 6.2 . If I enable internet > connection is it possible. It is possible, but not trivial. The thread mentioned should give you an impression of the _different_ ways that exist to perform the bash update. However, _you_ need to decide which approach you want to try. Keep in mind either way might work, or might not (simply because FreeBSD 6 isn't supported anymore, and things have changed, especially the package management and the ports infra- structure). > I cannot upgrade the version right now. That should not be the primary problem, even though you should consider upgrading to a supported FreeBSD version (v9 and v10 currently). :-) > Can you please share the method of upgrading the package. Read the mentioned ways before you start. This is not a "follow step by step" procedure - it involves decisions and is a little bit of "trial & error". ;-) I'll simply quote parts from the discussion thread, if this is okay for you. Still you need to check which works for you. Make a backup (!) first (at least of the installed bash package). Before you do _anything_ to your current ports tree, do this: # cd /usr/ports/shells/bash # make package This will make a backup package in /usr/ports/packages of your _current_ bash (the _working_ one), in case anything should go wrong. You can then later on re-install bash with # pkg_add /usr/ports/packages/All/bash-x.y.z.tbz (where x.y.z reflects the version number of bash prior to your upgrade attempts). If you can still access FreeBSD 6 packages (note that you might point $PACKAGESITE at the _archives_ section of the FreeBSD FTP server; see "man pkg_add" for details. # setenv PACKAGESITE=ftp://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/i386/6.2-RELEASE/packages/Latest # pkg_delete -f /var/db/pkg/bash-x.y.z # pkg_add -r bash Use the [Tab] key to autocomplete the correct version number in the 2nd command. Probably that won't work; bash-3.2.25 seems the last version available here. So you'll probably have to build from source. That might be a problem due to the architectural difference between FreeBSD 6 and the current build system... so the "obvious" # pkg upgrade bash doesn't work for you, because FreeBSD 6 doesn't have pkgng yet. Again note: Make a backup (!) of your current /usr/ports tree before you start! Updating the ports tree is possible, but probably you don't even have portsnap on FreeBSD 6 yet. I'm not sure when it has been introduced, but I assume it was somewhere betweeen FreeBSD 7 and 8... This is how you would do it: # portsnap fetch update # cd /usr/ports/shells/bash # make deinstall # make # make reinstall If you have any other means to update your ports tree (CVS was the standard at FreeBSD 6, I don't know if this is still supported, as FreeBSD now uses Subversion), you could also try the equivalent with binary packages: # portsnap fetch update # portupgrade -P bash or # portsnap fetch update # portmaster -P shells/bash depending on your use of a port management tool. Omit -P to try to build from source. I'd like to emphasize the advice I've provided in the thread mentioned, after being informed that building _with_ the ports tree will probably be problematic: ''On the other hand, maybe it would even be possible to check out the current source for bssh (and maybe its dependencies) and build them "off the track", i. e., not using the ports infrastructure at all, and then manually copying the resulting binary to the required place, as well as its libraries (unless static linking has been enabled). It's worth having a look at ./configure's options to tune this approach.'' This is probably the "easiest" way to try. You don't mess up things with your ports collection here. Again, please note: Make a backup copy of your working bash version, as I said above. You can find the full source here: http://lists.freebsd.org/pipermail/freebsd-questions/2014-September/261423.html Take your time to read, and to think about the problem. I'm sure you'll be successful once you've figured out which way works for you. Also note that I haven't tested _anything_ of the methods mentioned here, so I can't promise they'll work. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...