[CentOS] patching bash 2.05b for Shellshock

Boris Epstein

borepstein at gmail.com
Wed Oct 8 18:56:59 UTC 2014


Hello all,

Amongst a number of modern CentOS machines we have this one RHEL 3 machine
(don't ask me why:) and on it we have bash 2.05b. I was trying to compile a
version of bash for it that would be Shellshock-proofed.

To do that, I downloaded a copy of the code from the GNU along with all the
13 patches, applied the patches, compiled the code and installed the
executable. All vulnerabilities appear to be fixed with the exception
of CVE-2014-7187.

Does anybody know why this may be?

Thanks.

Boris.



More information about the CentOS mailing list