I have a system that I administer remotely (2 timezones away) that runs Ubuntu 9.04, Jaunty. For various reasons, mainly that I'm really leery about trying to do a distribution upgrade from so far away, I can't upgrade it to a more recent version. Obviously it's no longer supported and there aren't any official patches. Are there instructions available as to how I can patch the code and recompile bash myself to remove the shellshock vulnerabilities?
Linux – How to Patch Shellshock Vulnerability on Obsolete Ubuntu System
linuxpatchshellshockUbuntu
Best Answer
Stole this from AskUbuntu, from someone who stole it off of Hacker News. Worked on two old servers for me
Update: I just noticed that if you don't add
--prefix=/
to the configure command you'll end up with/usr/local/bin/bash
that is up to date and/bin/bash
will still be vulnerable.