PDA

View Full Version : Which patch fix the Bash Vulnerability for Suse 11?



A_MAO
10-Oct-2014, 07:42
I run my machine with SUSE 11 (without any SP), and my system is affected by the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271 and CVE-2014-7169)。 I have find the download link for the patch to fix the issue as follow :

https://download.suse.com/Download?buildid=nNXClbWqawg~

then the question is which patch should I download for my os version ?

the ssbash11GA-64.tar or ssbash11SP1-64.tar ,or the other else?

my OS version and the architecture of my machine is :

# cat /etc/issue

Welcome to SUSE Linux Enterprise Server 11 (x86_64) - Kernel \r (\l).

# uname -a
Linux GDGZ-PA-DUAP3-DB1-ODC 2.6.27.19-5-default #1 SMP 2009-02-28 04:40:21 +0100 x86_64 x86_64 x86_64 GNU/Linux

My Bash version :

# rpm -qa | grep bash
bash-3.2-147.3
bash-doc-3.2-147.3

mikewillis
10-Oct-2014, 11:05
I run my machine with SUSE 11 (without any SP), and my system is affected by the GNU Bash Remote Code Execution Vulnerability (CVE-2014-6271 and CVE-2014-7169)。 I have find the download link for the patch to fix the issue as follow :

https://download.suse.com/Download?buildid=nNXClbWqawg~

then the question is which patch should I download for my os version ?

the ssbash11GA-64.tar or ssbash11SP1-64.tar ,or the other else?

my OS version and the architecture of my machine is :

# cat /etc/issue

Welcome to SUSE Linux Enterprise Server 11 (x86_64) - Kernel \r (\l).

# uname -a
Linux GDGZ-PA-DUAP3-DB1-ODC 2.6.27.19-5-default #1 SMP 2009-02-28 04:40:21 +0100 x86_64 x86_64 x86_64 GNU/Linux

My Bash version :

# rpm -qa | grep bash
bash-3.2-147.3
bash-doc-3.2-147.3

You want ssbash11GA-64.tar. However installing this update on your machine seems a bit like sticking a plaster on a broken leg. You're running a version of SLES that went End Of Life in December 2010 and it looks like it's never even had any updates installed. The earliest kernel update for SLES 11 GA listed on Patch Finder is version 2.6.27.21 in April 2009 and you're running 2.6.27.19. The earliest bash update was version 3.2-147.4 released in July 2009. You're concerned about shellshock, what about other vulnerabilities it might be affected by given it doesn't have updates from over five years ago installed?