Patching Bash "shellshock" on Apple Mac OS X 10.9.5

Given the recent bash vulnerability disclosure[1] most linux distributions have released patches. Unfortunately Apple still expected users to compile their patches into bash. If you were using Homebrew or Macport you were in better standing and simply had to create symlinks to the patched executables. I’ve documented the steps I had to take on my Mac desktop.

Compile

  1. mkdir bash
  2. cd bash/
  3. wget http://opensource.apple.com/tarballs/bash/bash-92.tar.gz
  4. tar zxvf bash-92.tar.gz
  5. cd bash-92
  6. cd bash-3.2/
  7. curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-052 | patch -p0
  8. curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-053 | patch -p0
  9. curl https://ftp.gnu.org/pub/gnu/bash/bash-3.2-patches/bash32-054 | patch -p0
  10. cd ..
  11. xcodebuild

Verify

[Read More]