The updated Bash packages for Fedora 19, 20 and 21 Alpha are now available in the official Fedora repositories. These updated packages provide fixes that resolve CVE-2014-6271 and CVE-2014-7169 (the issue that has been labeled “Shellshock”)
To get these updated packages, either update using the Software application, or run the following command in the terminal to download and install all the updates for your system:
sudo yum update
At the time of writing, the most up-to-date versions of Bash that resolve the CVEs are:
Fedora 21: bash-4.3.25-2.fc21 Fedora 20: bash-4.2.48-2.fc20 Fedora 19: bash-4.2.48-2.fc19
To err on the side of caution, if you previously installed one of these builds from Koji (the Fedora Buildsystem) as per these instructions, it would be prudent to reinstall the package from the official Fedora repositories to ensure that you are running a signed version of the updated Bash package. To reinstall Bash for your system, use the command:
sudo yum reinstall bash
It is also important to note that older versions of Fedora (Fedora 18 or older) are currently deemed unsupported (“End of Life”), so no updated versions of Bash will be released for these via the official Fedora repositories. It is recommended that you migrate or upgrade your system to a version of Fedora that is supported (i.e. Fedora 19 or Fedora 20).