WD is really taking too long to roll out the patch, it’s a simple patch.
For those with V4 firmware (note: only V4 that was released with 64K page size memory), and wish to have bash upgraded to v4.3.30, just get the ones I’ve compiled below from my dropbox (I’m not responsible for any damage caused).
From shell (ignore dpkg warnings): Only V4 firmwares, do not install directly on v3 firmware as I don’t have v3 to test! I tried building for v3 seems it still can run on v4 mycloud without being killed. You can however test first on a v3 mycloud by extracting the bash binary from this deb and run from the home dir eg ~/bash --version. Or see the install guide for v3 on the 1st page.
# Download:wget --no-check-certificate dl.dropbox.com/s/o4cefiy1d3wwp3x/bash_4.3-11_armhf.deb;
# Install:
dpkg -i bash_4.3-11_armhf.deb;# Confirm:bash --version;# Test your system:curl https://shellshocker.net/shellshock_test.sh | bash;# Results:#CVE-2014-6271 (original shellshock): not vulnerable#CVE-2014-6277 (segfault): not vulnerable#CVE-2014-6278 (Florian's patch): not vulnerable#CVE-2014-7169 (taviso bug): not vulnerable#CVE-2014-7186 (redir_stack bug): not vulnerable#CVE-2014-7187 (nested loops off by one): not vulnerable#CVE-2014-//// (exploit 3 on http://shellshocker.net/): not vulnerable
