Hi,
If you're ok with going to a newer bash in your EL4 environment you can rebuild the one from EL5, it will work as a drop-in replacement. HTH Kaj > On 02 Oct 2014, at 14:12, Takashi ichihara <[email protected]> > wrote: > > Hi, > > A few SL4.x nodes still exit in our Lab. which will be retired > soon. Following is a tips to update bash of legacy SL4.x for > shellshock vulnerability. (Note: support of SL4.x was ended in 2011) > > bash update tips for legacy SL4.x for shellshock vulnerability > Ref. > https://www.centos.org/forums/viewtopic.php?f=10&t=48643 > > On SL4.4-4.9 (i386 or x86_64), try as follows (at your own risk) > mkdir -p /root/rpmbuild/{BUILD,RPMS,SOURCES,SPECS,SRPMS} > echo "%_topdir /root/rpmbuild/" > /root/.rpmmacros > rpm -Uvh > http://ftp1.scientificlinux.org/linux/scientific/obsolete/4x/SRPMS/vendor/bash-3.0-27.el4.src.rpm > cd /root/rpmbuild/SOURCES/ > wget http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-017 > wget http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-018 > wget http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-019 > wget http://ftp.gnu.org/pub/gnu/bash/bash-3.0-patches/bash30-020 > # edit bash30-017 and change any reference to 3.0.16 to just 3.0 > cd /root/rpmbuild/SPECS/ > # edit /root/rpmbuild/SPECS/bash.spec > # 1) uncomment the line %patch16 -p0 -b .016 > # 2) edit this line (it is line 4): > # Release: 27%{?dist}.1 > # 3) and add where appropriate > # %patch17 -p0 -b .017 > # %patch18 -p0 -b .018 > # %patch19 -p0 -b .019 > # %patch20 -p0 -b .020 > # Patch17: bash30-017 > # Patch18: bash30-018 > # Patch19: bash30-019 > # Patch20: bash30-020 > rpmbuild -ba bash.spec > # wait to see if it completes cleanly, may take several minutes > # update bash > rpm -Fvh /root/rpmbuild/RPMS/i386/bash-3.0-27.1.i386.rpm or > rpm -Fvh /root/rpmbuild/RPMS/x86_64/bash-3.0-27.1.x86_64.rpm > > Of course, it should be better to update to SL5/6/7 and > apply patches (yum update). > > Best regards > Takashi Ichihara
