UPDATE: the packages mentioned in this post contained an incomplete fix. See this newer post for more details and how to get the updated packages that contain the fix

The Red Hat security blog just posted a detailed article on the recently discovered flaw CVE-2014-6271 in bash that is being referred to as “Shellshock”. Be sure to check out the article if you want to learn a little bit more about the issue. Otherwise, be sure to update your Fedora system to get the most recent version of Bash that fixes this issue. The updates are still working their way through the Fedora updates system, so you might not be able to update yet, but they should be coming through ASAP.

You can check to see if your bash shell is vulnerable by running the command:

env x='() { :;}; echo OOPS' bash -c /bin/true

And if that command returns OOPS, then your bash shell is vulnerable. If you are running a patched bash, output should look something like:

bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x'

Alternatively, you can run the following command on your system to check which version of bash installed :

rpm -q bash

and make sure it is not older than:

Fedora 19: bash-4.2.47-2.fc19

Fedora 20: bash-4.2.47-4.fc20

Fedora 21: bash-4.3.22-3.fc21

Perhaps you don’t want to wait for the updates to make their way through the signing and mirroring systems. If not, you can download them right away from the official Fedora package build system and install them, using the following commands:

Fedora 21 Alpha

Run these commands:

su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.3.22-3.fc21 su -c "yum localinstall bash-4.3.22-3.fc21.$(uname -m).rpm" # provide root password again...

Fedora 20

Run these commands:

su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.2.47-4.fc20 su -c "yum localinstall bash-4.2.47-4.fc20.$(uname -m).rpm" # provide root password again...

Fedora 19

Run these commands:

su -c "yum -y install koji" # provide root password... koji download-build --arch=$(uname -m) bash-4.2.47-2.fc19 su -c "yum localinstall bash-4.2.47-2.fc19.$(uname -m).rpm" # provide root password again...