Solved

How can I update bash Mac OS 10.6.8 ?

Posted on 2014-10-07
3
340 Views
Last Modified: 2014-10-10
I would like to upgrade Bash on a Mac running OS 10.6.8 in order to protect against the Bash vulnerability.
Are there any patches for this version?
0
Comment
Question by:100questions
3 Comments
 
LVL 11

Expert Comment

by:Ganesh Kumar A
ID: 40366411
Note that Apple released a set of official patch versions of Bash on 2014-09-29. However, the support only goes as far back as Lion, not back to Snow Leopard. So, you are still stuck with building and installing your own patched version on Snow Leopard.

1.- Open bashUpdateLion.pkg in PackageMaker

2.- Goto project/raw editing mode and modify the functions “InstallationCheck” and “VolumeCheck” in the file “Distribution” to look like this:

function InstallationCheck(prefix) {
    return true; }

function VolumeCheck(prefix) {
    return true; }

3.- Hit “build” and choose a name for the installer package.
Bash update for Snow Leopard :
https://www.dropbox.com/s/b8ogdjq6h3tnq8d/BashUpdateSnowLeopard.pkg.zip?dl=0

Reference : http://hacksagogo.wordpress.com/2014/10/02/shell-shock-os-x-bash-update-installer-for-snow-leopard/
0
 
LVL 28

Accepted Solution

by:
serialband earned 500 total points
ID: 40367416
You can also update bash with homebrew and get bash version 4.3
brew install bash
sudo sh -c 'echo "/usr/local/bin/bash" >> /etc/shells'
chsh -s /usr/local/bin/bash
sudo mv /bin/bash /bin/bash-backup
sudo ln -s /usr/local/bin/bash /bin/bash

Open in new window


Or just download and compile it yourself and use apple's version 3.2
curl https://opensource.apple.com/tarballs/bash/bash-92.tar.gz | tar zxf -
cd bash-92/bash-3.2
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0;
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0;
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0;
curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-055 | patch -p0
cd ..
xcodebuild
sudo cp /bin/bash /bin/bash.bak;
sudo cp /bin/sh /bin/sh.bak
sudo cp build/Release/bash /bin;
sudo cp build/Release/sh /bin
sudo chmod a-x /bin/bash.bak /bin/sh.bak

Open in new window


Do not reboot until you've tested it by opening a new terminal.  If you need to revert to the previous version,
sudo rm /bin/bash /bin/sh
sudo cp /bin/bash.bak /bin/bash;
sudo cp /bin/sh.bak /bin/sh
sudo chmod a+x /bin/bash /bin/sh

Open in new window


The official Apple versions came out before a few new CVEs came out, so to be certain you patched the latest holes, you may need to compile your own anyway.
0
 

Author Closing Comment

by:100questions
ID: 40373813
Have not tried this, I might just upgrade OS it might be easier.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sync Snow Leopard/Windows Server 4 21
Mac OSX can't search on smb  via finder 10 100
mixing mac for outlook and mac for windows 5 72
iPhone Mail: manually checking ALL email 3 60
Create a default user profile for Mac OS X 10.7/10.8 Create a user account on OS X that will be a template for every other user of that computer. I usually call it “profile” and make it an administrator account for the time being. 1. Install a…
There is a security feature on iOS devices that is nearly impenetrable when it has been activated.  This article will provide some possible solutions as well as necessary steps to take to ensure you do not end up with a locked device.
This Micro Tutorial demonstrates using Microsoft Excel pivot tables, how to reverse engineer competitors' marketing strategies through backlinks.
In this video I am going to show you how to back up and restore Office 365 mailboxes using CodeTwo Backup for Office 365. Learn more about the tool used in this video here: http://www.codetwo.com/backup-for-office-365/ (http://www.codetwo.com/ba…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now