We are running Debian Etch, Lenny and Squeeze because upgrades have never been done in this shop; we have over 150 systems running various Debian versions. In light of the "shell shock" of this week, I assume I need to upgrade bash. I do not know Debian so I am concerned.
Can I merely execute apt-get install bash
on all of my Debian systems and get the correct Bash package while my repository is pointed at a Squeeze entry. If not, what other course of action do I have?
Best Answer
You have the option to just upgrade bash. To do so use the following
apt-get
command:Then after the update fetches all of the available updates run:
To get updates on older releases, Squeeze for example, you will probably need to add the Squeeze-LTS repo to your sources.list.
To add this repository, edit
/etc/apt/sources.list
and add the following line to the end of the file.To check a particular system for the vulnerabilities (or see if the upgrade works) you can check the bash versions that you are using and see if the version is affected (it probably is) or there are numerous shell test scripts available on the web.
EDIT 1
To upgrade
bash
on Lenny or Etch, take a look at Ilya Sheershoff's answer below for how to compilebash
from source and manually upgrade the version ofbash
that your release is using.EDIT 2
Here is an example
sources.list
file from a Squeeze server I successfully upgraded: