Bash bug
-
- DEV Team
- Posts: 2113
- Joined: 09 Feb 2013, 09:55
- Distribution: APorteus-FVWM-ja-x86_64.iso
- Location: japan
Re: Bash bug
For 32 bit, version 3.0.1
001-core3.xzm was updated to 001-core4.xzm.
http://www.mediafire.com/download/8goqr ... -core4.xzm
md5sum: 0bcd417e010716db876be750ff6d2889 001-core4.xzm
'bash', the content of 001-core3.xzm, was updated
depending on 32 bit UBUNTU14.04 updating
from the "bash_4.2-2ubuntu2.5_i386" to the "bash_4.2-2ubuntu2.6_i386".
================================================
@Rava
1."is dash working fine for all bash scripts?"
No, there are many issues which were already explained by brokenman.
2."Can it be used for the time being as a complete bash replacement
until the bash shellshock vulnerability issues are solved?"
No, it can not be used as a complete bash replacement.
Because it is too difficult for the "complete bash replacement"
to keep the quality by the short time maintenance.
3."how would one incorporate that?"
001-core.xzm could be replaced, and then be rebooted.
4."are you really running XFCE-v2.0-rc2-i486.iso as your avatar text suggests?"
I updated my avatar profile.
================================================
@donald
results of bashcheck.
[bash of 001-core3.xzm]
Testing /bin/bash ...
GNU bash, version 4.2.25(1)-release (i686-pc-linux-gnu)
Variable function parser pre/suffixed [(), redhat], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)
[bash of 001-core4.xzm]
Testing /home/guest/work/bash/bash_4.2-2ubuntu2.6_i386/bin/bash ...
GNU bash, version 4.2.25(1)-release (i686-pc-linux-gnu)
Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Not vulnerable to CVE-2014-6277 (lcamtuf bug #1)
Not vulnerable to CVE-2014-6278 (lcamtuf bug #2)
Thanks.
Last edited by neko on 12 Oct 2014, 03:26, edited 1 time in total.
- francois
- Contributor
- Posts: 6445
- Joined: 28 Dec 2010, 14:25
- Distribution: xfce plank porteus nemesis
- Location: Le printemps, le printemps, le printemps... ... l'hiver s'essoufle.
Re: Bash bug
@donald:
Thanks for the bash tester.
@neko:
Thanks for the new core module. It does pass the test.
Prendre son temps, profiter de celui qui passe.
- Rava
- Contributor
- Posts: 5424
- Joined: 11 Jan 2011, 02:46
- Distribution: XFCE 5.01 x86_64 + 4.0 i586
- Location: Forests of Germany
Re: Bash bug
@Neko
Thanks for the info.
How do you implement updates newer than bash-4.2.050?
That's the newest txz I found. Me thinks the newer updates have to be merged into the source code and bash needs to be compiled, or am I wrong here?
Cause this is what I get running the newest available slackware patch-level on x86-64:
# bashcheck
Testing /usr/bin/bash ...
GNU bash, version 4.2.50(2)-release (x86_64-slackware-linux-gnu)
Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Found non-exploitable CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)
Cheers!
Yours Rava
-
- DEV Team
- Posts: 2113
- Joined: 09 Feb 2013, 09:55
- Distribution: APorteus-FVWM-ja-x86_64.iso
- Location: japan
Re: Bash bug
@Rava
Creating 001-core4.xzm was done by the following steps.
1.get bash_4.2-2ubuntu2.6_i386.deb from
the updated newest 32 bit UBUNTU14.04 by synaptic.
2.get libtinfo.so.5.9 by USM or other tool.
3.expand bash_4.2-2ubuntu2.6_i386.deb by commands under root privilege.
# ar x bash_4.2-2ubuntu2.6_i386.deb
# mv data.tar.gz bash_4.2-2ubuntu2.6_i386.tgz
# tar -xzf control.tar.gz
4.create "PACKAGE DESCRIPTION:" text.
# echo "bash_4.2-2ubuntu2.6_i386: " > bash_4.2-2ubuntu2.6_i386.txt
# cat control | sed "s/^/bash_4.2-2ubuntu2.6_i386: /g" >> bash_4.2-2ubuntu2.6_i386.txt
# echo "bash_4.2-2ubuntu2.6_i386: " >> bash_4.2-2ubuntu2.6_i386.txt
5.install bash_4.2-2ubuntu2.6_i386.tgz into temporary root.
# mkdir root
# installpkg -root root bash_4.2-2ubuntu2.6_i386.tgz
# cd root/bin
# ln -sf bash sh
# cd ../..
# cd root/usr/bin
# ln -sf ../../bin/bash .
# cd ../../..
# mkdir -p root/lib
# mv libtinfo.so.5.9 root/lib/.
# cd root/lib
# ln -sf libtinfo.so.5.9 libtinfo.so.5
# cd ../..
7.create 001-core4.xzm
# mloop 001-core.xzm
# mkdir new
# cp -a /mnt/loop/* new/.
# uloop
# cp -a root/* new/.
# mksquashfs new 001-core4.xzm -b 256K -comp xz -Xbcj x86
Thanks.
-
- DEV Team
- Posts: 2113
- Joined: 09 Feb 2013, 09:55
- Distribution: APorteus-FVWM-ja-x86_64.iso
- Location: japan
Re: Bash bug
@Rava
A sample 64 bit 001-core4.xzm was uploaded.
'sample' means that this 001-core4.xzm was not tested
because I do not have 64 bit PC now.
http://www.mediafire.com/download/faety ... -core4.xzm
md5sum: 61f6704ac7885b2e909775451982b0f4 001-core4.xzm
Thanks.
============================================
bash_4.3-7ubuntu1.5_amd64.deb was gotten from the site
http://pkgs.org/search/bash
libtinfo.so.5.9 was gotten from the ISO
Porteus-FVWM-v3.0.1-x86_64-2.iso
-
- White ninja
- Posts: 5
- Joined: 30 Sep 2014, 18:28
- Distribution: Porteus 3 KDE4, Slacko 5.7
- Location: U.S.A.
Re: Bash bug
neko wrote:@Rava
A sample 64 bit 001-core4.xzm was uploaded.
'sample' means that this 001-core4.xzm was not tested
because I do not have 64 bit PC now.
http://www.mediafire.com/download/faety ... -core4.xzm
md5sum: 61f6704ac7885b2e909775451982b0f4 001-core4.xzm
Thanks.
============================================
bash_4.3-7ubuntu1.5_amd64.deb was gotten from the site
http://pkgs.org/search/bash
libtinfo.so.5.9 was gotten from the ISO
Porteus-FVWM-v3.0.1-x86_64-2.iso
I have a new 3.0.1 KDE4 64 install where I replaced the 001-core with the 001-core4.
Now
Code:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
Code:
this is a test
Code:
vulnerable
...McLuhan coined and certainly popularized the usage of the term "surfing" to refer to rapid, irregular and multidirectional movement through a heterogeneous body of documents or knowledge...
Wikipedia on Marshall McLuhan
-
- Full of knowledge
- Posts: 2084
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: Bash bug
@slack_distros_rock
It would be more meaningful to test against all (so far known) vulnerabilities.
Not just one..
- Rava
- Contributor
- Posts: 5424
- Joined: 11 Jan 2011, 02:46
- Distribution: XFCE 5.01 x86_64 + 4.0 i586
- Location: Forests of Germany
Re: Bash bug
donald wrote:It would be more meaningful to test against all (so far known) vulnerabilities.
Not just one..
Is there a script that does just that? I just run the "bashcheck" one... but sadly, it seems not to have any version info in it.
Is "bashcheck" enough to be called "test against all (so far known) vulnerabilities"?
______________________________________________________
slack_distros_rock :
Checking out your 001-core4.xzm soon...
______________________________________________________
How best does one make a comparison of what was changed in a module?
xzm2copy both into separate folders, and then run md5sum on all files but symlinks?
Is there already a script or cli one-liner that does just that?
Or is a different approach than md5sum'em'all better?
______________________________________________________
Strange enough, with my current system, that is 001-core_bash-4.2.050 ... there is a difference in what bashcheck reports.
When I run it as root in XFCe terminal, I get this:
Code:
Found non-exploitable CVE-2014-7186 (redir_stack bug)
Code:
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Any ideas why that differs? Not happy that root, of all users, has a higher vulnerability (even when the script tells me "non-exploitable") than normal user...
Any ideas why that could be?
Cheers!
Yours Rava
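An added example (not part of any post in this thread): one way to answer the module-comparison question above, run over two module directories that were already unpacked. It fingerprints regular files with sha256sum rather than md5sum and, going beyond the question, also reports changed symlink targets; the function names and directory names are placeholders.

```shell
#!/bin/sh
# Added example: report what differs between two unpacked module trees.
# Assumption: both .xzm modules were already extracted into plain
# directories; the directory names used below are placeholders.
# Paths containing tabs or newlines are not supported.

TAB=$(printf '\t')

# manifest DIR: print "path<TAB>fingerprint" for each regular file
# (SHA-256 of its content) and each symlink ("link:" plus its target).
manifest() {
    ( cd "$1" || exit 1
      find . -type f | while IFS= read -r f; do
          printf '%s\t%s\n' "$f" "$(sha256sum < "$f" | cut -d' ' -f1)"
      done
      find . -type l | while IFS= read -r l; do
          printf '%s\tlink:%s\n' "$l" "$(readlink "$l")"
      done )
}

# module_diff OLD_DIR NEW_DIR: print "STATUS<TAB>path" lines, sorted by
# path, where STATUS is ADDED, REMOVED or CHANGED.
module_diff() {
    old_list=$(mktemp) || return 1
    new_list=$(mktemp) || return 1
    manifest "$1" > "$old_list" || return 1
    manifest "$2" > "$new_list" || return 1
    awk -F "$TAB" -v OFS="$TAB" '
        FILENAME == ARGV[1] { seen[$1] = $2; next }   # lines of the old tree
        !($1 in seen)       { print "ADDED", $1; next }
        seen[$1] != $2      { print "CHANGED", $1 }
                            { delete seen[$1] }
        END { for (p in seen) print "REMOVED", p }
    ' "$old_list" "$new_list" | LC_ALL=C sort -t "$TAB" -k2
    rm -f "$old_list" "$new_list"
}

# Usage (placeholder directory names):
#   module_diff core3-unpacked core4-unpacked
```

A replaced bash binary shows up as CHANGED, a newly bundled library as ADDED, and a re-pointed /bin/sh link as CHANGED, so an unexpected entry in the list is easy to spot before the module is booted.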
-
- Full of knowledge
- Posts: 2084
- Joined: 17 Jun 2013, 13:17
- Distribution: Porteus 3.2.2 XFCE 32bit
- Location: Germany
Re: Bash bug
@Rava
The updated core4.xzm (by neko btw) was built with packages from ubuntu.....
"Is there a script that does just that?"
The linked page explains which vulnerabilities are checked by "bashcheck"
"..not to have any version info in it."
???
".. there is a difference in what bashcheck reports."
Not on my end, with original slackware patch:
Code:
guest@porteus:~$ ./bashcheck
Testing /usr/bin/bash ...
GNU bash, Version 4.2.50(2)-release (i486-slackware-linux-gnu)
Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)
guest@porteus:~$ su
Passwort:
root@porteus:~# cd /home/guest
root@porteus:/home/guest# ./bashcheck
Testing /usr/bin/bash ...
GNU bash, Version 4.2.50(2)-release (i486-slackware-linux-gnu)
Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Found non-exploitable CVE-2014-6277 (lcamtuf bug #1)
Found non-exploitable CVE-2014-6278 (lcamtuf bug #2)
root@porteus:/home/guest#
-
- White ninja
- Posts: 5
- Joined: 30 Sep 2014, 18:28
- Distribution: Porteus 3 KDE4, Slacko 5.7
- Location: U.S.A.
Re: Bash bug
@ donald
@ rava
I used the latest bashcheck and
neko's 64 bit module is ok
Code:
Variable function parser pre/suffixed [%%, upstream], bugs not exploitable
Not vulnerable to CVE-2014-6271 (original shellshock)
Not vulnerable to CVE-2014-7169 (taviso bug)
Not vulnerable to CVE-2014-7186 (redir_stack bug)
Test for CVE-2014-7187 not reliable without address sanitizer
Not vulnerable to CVE-2014-6277 (lcamtuf bug #1)
Not vulnerable to CVE-2014-6278 (lcamtuf bug #2)
...McLuhan coined and certainly popularized the usage of the term "surfing" to refer to rapid, irregular and multidirectional movement through a heterogeneous body of documents or knowledge...
Wikipedia on Marshall McLuhan
- Rava
- Contributor
- Posts: 5424
- Joined: 11 Jan 2011, 02:46
- Distribution: XFCE 5.01 x86_64 + 4.0 i586
- Location: Forests of Germany
Re: Bash bug
^
Indeed, after restart I got the same result. Just could not post, my power supply went bonkers and I had to shut down the PC...
@neko
Could you please include the newest usm in your (x86-64 & x686) 001-core4.xzm?
Or do you - and all others - also include the usm-3.1.6-noarch-1.xzm module?
Cheers!
Yours Rava
- brokenman
- Site Admin
- Posts: 6105
- Joined: 27 Dec 2010, 03:50
- Distribution: Porteus v4 all desktops
- Location: Brazil
Re: Bash bug
usm-3.1.7 will be out this weekend.
How do i become super user?
Wear your underpants on the outside and put on a cape.
-
- DEV Team
- Posts: 2113
- Joined: 09 Feb 2013, 09:55
- Distribution: APorteus-FVWM-ja-x86_64.iso
- Location: japan
Re: Bash bug
@ Rava
usm-latest-0.0-noarch-1 of both 001-core4.xzms will be updated to usm-3.1.7.
Thanks.
@brokenman
Thank you for your good timing post.
- Rava
- Contributor
- Posts: 5424
- Joined: 11 Jan 2011, 02:46
- Distribution: XFCE 5.01 x86_64 + 4.0 i586
- Location: Forests of Germany
Re: Bash bug
^ & ^^
So, sometime end of weekend, or beginning of next week, we will get core5.xzm with newest usm 3.1.7? Yay!
Cheers!
Yours Rava
- Ed_P
- Contributor
- Posts: 8578
- Joined: 06 Feb 2013, 22:12
- Distribution: Cinnamon 5.01 ISO
- Location: Western NY, USA
Re: Bash bug
I would think the 3.1 001-core.xzm module would include the bash bug fix(s) rather than a separate addon module.