I am using FreeBSD-9.1-p5.
My security run output:
Checking for packages with security vulnerabilities:
Database fetched: Wed Sep 24 23:01:24 EDT 2014
bash-4.3.24

pkg info bash:
# pkg info bash
bash-4.3.24
Name : bash
Version : 4.3.24
Installed on : Tue Sep 16 17:17:32 EDT 2014
Origin : shells/bash
Architecture : freebsd:9:x86:64
Prefix : /usr/local
Categories : shells
Licenses : GPLv3
Maintainer : [email protected]
WWW : http://cnswww.cns.cwru.edu/~chet/bash/bashtop.html
Comment : The GNU Project's Bourne Again Shell
Options :
COLONBREAKSWORDS: on
DOCS : on
HELP : on
IMPLICITCD : on
NLS : on
STATIC : off
SYSLOG : off
Shared Libs required:
libintl.so.9
libiconv.so.3
Annotations :
repo_type : binary
repository : FreeBSD
Flat size : 6.65MiB
Description :
This is GNU Bash. Bash is the GNU Project's Bourne Again Shell,
a complete implementation of the POSIX.2 Shell spec, but also
with interactive command line editing, job control on architectures
that support it, csh-like features such as history substitution and
brace expansion, and a slew of other features.
WWW: http://cnswww.cns.cwru.edu/~chet/bash/bashtop.html
#

pkg upgrade bash:
# pkg upgrade bash
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
Checking integrity... done (0 conflicting)
Your packages are up to date.
#

I am using pkg(8) rather than /usr/ports. Does this mean that the maintainer has not updated the package yet, while the security vulnerability list is already up to date?

It looks like the update is out:
[alexus@alexus ~]$ sudo pkg upgrade bash
Password:
Updating FreeBSD repository catalogue...
[alexus.org] Fetching meta.txz: 100% 968 B 1.0k/s 00:01
[alexus.org] Fetching digests.txz: 100% 2 MB 2.0M/s 00:01
[alexus.org] Fetching packagesite.txz: 100% 5 MB 5.3M/s 00:01
Removing expired repository entries: 100%
Processing new repository entries: 100%
FreeBSD repository update completed. 23417 packages processed:
9022 updated, 63 removed and 155 added.
New version of pkg detected; it needs to be installed first.
The following 1 packages will be affected (of 0 checked):
Installed packages to be UPGRADED:
pkg: 1.3.7 -> 1.3.8_1
The process will require 31 kB more space.
2 MB to be downloaded.
Proceed with this action? [y/N]: y
[alexus.org] Fetching pkg-1.3.8_1.txz: 100% 2 MB 2.0M/s 00:01
Checking integrity... done (0 conflicting)
[alexus.org] [1/1] Upgrading pkg from 1.3.7 to 1.3.8_1: 100%
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
The following 1 packages will be affected (of 0 checked):
Installed packages to be UPGRADED:
bash: 4.3.24 -> 4.3.25_1
The operation will free 64 B.
1 MB to be downloaded.
Proceed with this action? [y/N]: y
[alexus.org] Fetching bash-4.3.25_1.txz: 100% 1 MB 1.2M/s 00:01
Checking integrity... done (0 conflicting)
[alexus.org] [1/1] Upgrading bash from 4.3.24 to 4.3.25_1: 100%
[alexus@alexus ~]$

I had to upgrade bash manually from ports.
First, I made sure that ports was up to date:
portsnap fetch update
Next, I upgraded pkg:
cd /usr/ports/ports-mgmt/pkg
make BATCH=yes build
make BATCH=yes deinstall
make BATCH=yes reinstall
Next, I upgraded bash:
cd /usr/ports/shells/bash
make BATCH=yes build
make BATCH=yes deinstall
make BATCH=yes reinstall
My version of bash is up to date:
# bash --version
GNU bash, version 4.3.25(1)-release (i386-portbld-freebsd9.3)
Copyright (C) 2013 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
...
The word vulnerable does not appear in the test below:
# env x='() { :;}; echo vulnerable' bash -c "echo hello"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello
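
The answers above upgrade bash through both pkg and ports, so more than one bash binary may be present on a host. As an added example (not part of the original posts), the script below runs the same probe shown above against every bash entry in an /etc/shells-style file. The function names probe_bash and audit_shells are hypothetical, and the check covers only the single probe string used on this page.

```shell
#!/bin/sh
# Added example: apply the page's environment-variable probe to each bash
# binary listed in an /etc/shells-style file. Function names are hypothetical.
# Usage: audit_shells /etc/shells

# probe_bash BIN -> 0 = probe text was not executed,
#                   1 = "vulnerable" was printed, 2 = BIN is not executable
probe_bash() {
    bin=$1
    [ -x "$bin" ] || return 2
    # Same probe as on the page. A patched 4.3.25 prints its "ignoring
    # function definition attempt" warning on stderr, so only stdout is kept.
    out=$(env x='() { :;}; echo vulnerable' "$bin" -c 'echo hello' \
          </dev/null 2>/dev/null) || true
    case $out in
        *vulnerable*) return 1 ;;
        *) return 0 ;;
    esac
}

# audit_shells FILE -> prints "STATUS PATH" for every entry named bash;
# returns 1 if any of them ran the probe text, otherwise 0.
audit_shells() {
    file=$1
    worst=0
    while IFS= read -r line; do
        case $line in
            ''|'#'*) continue ;;      # skip blank lines and comments
        esac
        case ${line##*/} in
            bash) ;;                  # only probe binaries named bash
            *) continue ;;
        esac
        rc=0
        probe_bash "$line" || rc=$?
        case $rc in
            0) echo "patched $line" ;;
            1) echo "VULNERABLE $line"; worst=1 ;;
            2) echo "missing $line" ;;
        esac
    done < "$file"
    return $worst
}
```

A non-zero return from audit_shells means at least one listed bash still needs the upgrade described in the answers.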