Date: Fri, 26 Sep 2014 15:59:40 +0100 From: Arthur Chance <freebsd@qeng-ho.org> To: freebsd@fongaboo.com Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: No BASH shellshock thread yet? Message-ID: <54257F5C.7050400@qeng-ho.org> In-Reply-To: <CA%2Bg%2BBvjskc2N8MbFrPj-u11hGqoMBm-DJWbAS0t4AbeY9t445A@mail.gmail.com> References: <alpine.BSF.2.00.1409260845440.8732@helix.wtfayla.net> <CA%2Bg%2BBvjskc2N8MbFrPj-u11hGqoMBm-DJWbAS0t4AbeY9t445A@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 26/09/2014 13:59, Olivier Nicole wrote: > What's the problem? Update your port and you're OK. > > Olivier > > On Fri, Sep 26, 2014 at 7:50 PM, <freebsd@fongaboo.com> wrote: >> >> Perhaps I'll start one... >> >> http://twisteddaemon.com/post/98320577491/bash-code-injection-vulnerability-via-specially-crafted >> >> >> http://youtu.be/ArEOVHQu9nk Or don't install bash in the first place. :-) I've had a quick scan of the ports tree (my copy was last updated a week ago). There are 139 ports that have bash as a runtime dependency when using default options. If you want to do the same thing with your own make.conf the code I used was as follows. It's not elegant or blindingly fast but works. Just hope Thunderbird doesn't mangle it too much find /usr/ports -depth 3 -name Makefile \ -execdir sh -c "echo -n '@ ' ; pwd ; make run-depends-list" \; |\ awk '/^@/ {save=$2;}; /^\/usr\/ports\/shells\/bash/ {print save;}' |\ sed -e 's:/usr/ports/::' |\ sort And to save most people doing it, here are the 139 ports that need bash at runtime archivers/makeself archivers/xarchive audio/abcde biology/gff2ps biology/ugene cad/opencascade databases/autobackupmysql databases/datamodeler databases/dbtool databases/grass databases/hbase databases/percona-toolkit databases/puppetdb databases/sqldeveloper deskutils/cairo-dock deskutils/todo devel/anjuta devel/build devel/chruby devel/colormake devel/compiz-bcop devel/gtgt devel/hadoop devel/hadoop2 devel/lcov devel/leiningen devel/liblouisxml devel/p5-Test-YAML devel/quilt devel/rbenv devel/ros devel/urjtag devel/zookeeper emulators/pipelight emulators/vboxtool emulators/wine-doors french/eficas games/gbrainy games/legends games/minecraft-client games/torcs games/trackballs graphics/epix graphics/gmt graphics/gscan2pdf graphics/pfstools graphics/vips graphics/xpaint irc/nefarious japanese/VTPSfont java/icedtea-web lang/harbour lang/jruby lang/jython lang/kroc lang/mlton lang/scala mail/biabam mail/mailscanner math/aspcud math/geogebra-i18n math/isabelle math/maxima math/plplot math/sage multimedia/2mandvd multimedia/banshee multimedia/dvd-slideshow multimedia/iso2mkv multimedia/mkxvcd multimedia/vdr-plugin-streamdev net-mgmt/icinga2 net-mgmt/nagios-check_tftp net-mgmt/victorops-nagios net-p2p/verlihub net/dropbox-uploader net/grsync net/kamailio net/mpich2 net/py-ec2-cli-tools news/sn ports-mgmt/portless print/apsfilter print/font2svg print/lpr-wrapper science/minc2 science/ncs science/paraview security/bro security/logcheck security/massh security/monkeysphere security/mussh security/p5-openxpki security/scamp security/unssh shells/ambit shells/bash-completion shells/viewglob sysutils/apt sysutils/autojump sysutils/bashburn sysutils/byobu sysutils/confman sysutils/duply sysutils/getdelta sysutils/gsmartcontrol sysutils/hal sysutils/linux-crashplan sysutils/munin-node sysutils/mybashburn sysutils/pacman sysutils/password-store sysutils/screenfetch sysutils/sshsudo sysutils/tartarus sysutils/vimpager sysutils/wemux sysutils/wiimms textproc/apertium textproc/dbacl textproc/google-translate-cli textproc/idnits textproc/irstlm textproc/rarian textproc/rfcdiff textproc/tex2im textproc/translate-toolkit textproc/xmlto textproc/yodl www/nanoblogger www/vertx www/wgetpaste x11-fm/worker x11-themes/murrine-configurator x11-wm/fvwm-crystal x11-wm/genmenu x11-wm/herbstluftwm x11-wm/hs-xmonad-contrib
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54257F5C.7050400>