On 2014/09/25 14:54, Steven Campbell wrote:
Hi all
Does anyone know if QGIS is affected at all by the bash bug?
Linux is affected by this bug, not QGIS.
So if you're running Linux, then yes, you may be affected.
You can check by opening a terminal window, and running this (cut &
paste it into the window:
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
If you get the "Vulnerable" echo from this, then yes, your version of
bash has the bug.
You can fix this by updating to the latest bash version.
sudo apt-get update && sudo apt-get install bash
(Debian based Linux assumed, eg: Ubuntu)
After running this, rerun the "env" line above to see if it is fixed.
If still buggy, then you probably have an older version of linux, so
you'll have to download bash and recompile it on your system. (or
upgrade to a newer linux, then add the newest bash using the above
apt-get......)
To recompile bash, you'll need build-essentials installed. If you have
an older (no longer supported linux, you may be up against a wall if you
can't run gcc & make), but assuming your installed linux version already
has gcc, make etc installed, run the following:
mkdir src
cd src
wget http://ftp.gnu.org/gnu/bash/bash-4.3.tar.gz
#download all patches
for i in $(seq -f "%03g" 0 25); do wget
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/bash43-$i; done
tar zxvf bash-4.3.tar.gz
cd bash-4.3
#apply all patches
for i in $(seq -f "%03g" 0 25);do patch -p0 < ../bash43-$i; done
#build and install
./configure && make && make install
cd ..
cd ..
rm -r src
Then reboot (to be safe all previous bash shells have closed) and of
course run the "env....." command to see if your bug has gone away.
Disclaimer:
I got this methodology from
http://askubuntu.com/questions/528101/what-is-the-cve-2014-6271-bash-vulnerability-and-how-do-i-fix-it
My one linux box is current and the apt-get install bash fixed the
problem.
My server is still running an older outdated linux, and the above
compile-install DID work on it.
You use this methodology at your own risk - but it worked on both my
linux boxes (this morning).
Hope this helps.
Regards,
Zoltan
Thanks
Steve
*Steve Campbell****|GIS Manager*
Corporate Strategy and Communications
Borough of Poole | Civic Centre | Poole BH15 2RU
Tel: 01202 633 362
Email: [email protected] <mailto:[email protected]>
Website:www.boroughofpoole.com <http://www.boroughofpoole.com/>
*/Think Green! Please Recycle/*
DISCLAIMER: This email and any files transmitted with it may be
confidential, legally privileged and protected in law and are intended
solely for the use of the individual to whom it is addressed. The
copyright in all documentation is the property of the Borough of Poole
and this email and any documentation must not be copied or used other
than as strictly necessary for the purpose of this email, without
prior written consent which may be subject to conditions. Any view or
opinions presented are solely those of the author and do not
necessarily represent those of the Borough of Poole. The Borough of
Poole reserves the right to inspect incoming and outgoing emails. If
you have received this email in error please contact the sender by
return and confirm that its contents have been destroyed. Telephone
enquiries should be directed to the Borough switchboard on 01202 633633.'
_______________________________________________
Qgis-user mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/qgis-user
--
===========================================
Zoltan Szecsei PrGISc [PGP0031]
Geograph (Pty) Ltd.
GIS and Photogrammetric Services
P.O. Box 7, Muizenberg 7950, South Africa.
Mobile: +27-83-6004028
Fax: +27-86-6115323 www.geograph.co.za
===========================================
_______________________________________________
Qgis-user mailing list
[email protected]
http://lists.osgeo.org/mailman/listinfo/qgis-user
