Help

OS X bash Update 1.0 released for Mavericks, Mountain Lion and Lion

flyboy
Contributor

Posted on ‎09-29-2014 04:11 PM

Mavericks: http://support.apple.com/kb/DL1769
Mountain Lion: http://support.apple.com/kb/DL1768
Lion: http://support.apple.com/kb/DL1767

0 Kudos
48 REPLIES 48

TimT
Contributor

Posted on ‎09-30-2014 06:49 PM

@CasperSally

Just curious on how you packaged up the update on a 10.9.5 machine. I ran a Composer snapshot but after I ran the installer and finished running Composer it did not include any of the files that were supposedly installed. Checked the bash version and it was updated. I don't want to have to update all my 10.9.4 machines particularly since there have been reports of AD binding issues. Don't want to go down that road again.... Thanks

0 Kudos

CasperSally
Valued Contributor II

Posted on ‎10-01-2014 05:07 AM

TimC (for some reason Jamfnation won't let me @ reply you) - I opened the package in Pacifist looking for the part that requires 10.9.5 to edit it to 10.9.4 but I couldn't find it, unfortunately. It did give a nice visual of exactly what files are included in the package.

So on test machine, I installed combo update 10.9.5, then used composer to do a new/modified snapshot and it came back with every file that showed in Pacifist. I did have to delete some extra junk (the negative of doing snapshots), but otherwise all was well. Maybe you didn't select new/modified snapshot?

0 Kudos

seanbalsiger
New Contributor III

Posted on ‎10-13-2014 06:23 PM

Has anyone heard why this isn't being pulled into local SUSs? My SUS has pulled all the recent printer updates and 10.9.5 but not the bash updates.

0 Kudos

emily
Valued Contributor III
Valued Contributor III

Posted on ‎10-14-2014 07:25 AM

I was under the impression that this was never pushed through the software update catalog from Apple.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎10-14-2014 08:00 AM

Right. It has not shown up there, and may never show up. You're on your own for getting it and deploying it.
I would assume Apple is rolling this update into Yosemite though (I hope). I don't anticipate any new updates for 10.9 and lower at this point.
I don't get the decision to not have this show up in SUS though. It doesn't make much sense to me.

0 Kudos

seanbalsiger
New Contributor III

Posted on ‎10-14-2014 08:59 AM

@mm2270 Seems like you're right but I still don't understand why they wouldn't push out a fix for a major bug.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎10-14-2014 09:06 AM

Because apparently Apple doesn't view it as a major bug. Truth is, the actual impact to "normal" OS X users is fairly slim. The larger danger for the masses is connecting to possibly outdated and compromised routers or open connections. Since so many small devices out there use embedded Linux distros for their web enabled UI, its remotely possible some of them are using an old version of bash which is affected and could end up compromised.

Still, I agree that something like this really should just get put in Apple's SUS. There's no logical reason I can come up with not to do that, so Apple's decision is perplexing. Its a tiny patch and requires no reboot.

0 Kudos

seanbalsiger
New Contributor III

Posted on ‎10-14-2014 10:21 AM

Hmmm, maybe they're still working on a final update that will be put onto SUS.

0 Kudos

CasperSally
Valued Contributor II

Posted on ‎10-17-2014 06:00 AM

Has anyone had success installing the latest security update 2014-005 Mavericks on slightly older OS versions (i.e. 10.9.4) ?

http://support.apple.com/kb/DL1772

0 Kudos