05 October 2014

How to Test For the Shellshock Vulnerability and Upgrade Bash Using MacPorts on Mac OS X 10.9.4

Given all the hype recently over the bash Shellshock vulnerability, no matter what operating system being used, any affected version of bash should be patched and/or upgraded immediately.

You can quickly test your operating system to see if your bash version is vulnerable by following instructions on the Shellshocker website. TLDR, here is the command you need to run to test bash on your machine:

Note that the version of bash in my path (the newer one from MacPorts) is not affected by the vuln. Now I will test the version of bash installed as /bin/bash:


Notice that I piped the script directly to /bin/bash instead of relying upon the version of bash in my PATH. Because I have already installed Apple's update (noted below), /bin/bash is not affected either.

Apple Update 

Apple has already released an update containing a patched bash version, so it's very easy to update the standard bash version located in /bin/bash. But, if you are like me and you are using MacPorts to manage many binaries within Mac OS X, you may not be using the version of bash installed by Apple.

Use of MacPorts to Upgrade Bash

I have used MacPorts for years and I continue to get grief from people who love Homebrew. I must say that I do like both, but for some reason I have always kept coming back to MacPorts. Anyway, if you are using MacPorts then upgrading to the patched version of bash is especially easy. Below are the commands to upgrade bash: