bash version doesn't change after shellshock update

Latest response

I noticed that the bash version (bash --version) did not change after applying the updated rpm. RPM reports the correct version number and the RH vulnerability checker script says everything is good. I even tried rebooting the server; nothing changed. This happened in RHEL5 32-bit & 64-bit and RHEL4 32-bit. Has anyone else seen this behavior?

xxxxx:/home/cbristol> bash --version
GNU bash, version 3.2.25(1)-release (i386-redhat-linux-gnu)

xxxxx:/home/cbristol> sudo rpm -Uvh bash-3.2-33.el5_11.4.i386.rpm
warning: bash-3.2-33.el5_11.4.i386.rpm: Header V3 DSA signature: NOKEY, key ID 1e5e0159
Preparing... ########################################### [100%]
1:bash ########################################### [100%]

xxxxx:/home/cbristol> bash --version
GNU bash, version 3.2.25(1)-release (i686-redhat-linux-gnu)

xxxxx:/home/cbristol> rpm -q bash
bash-3.2-33.el5_11.4

xxxxx:/home/cbristol> ./shellshock-test.sh
This system is safe from CVE-2014-6271 https://access.redhat.com/security/cve/CVE-2014-6271
This system is safe from CVE-2014-7169 https://access.redhat.com/security/cve/CVE-2014-7169

CB

Responses