This is the standard upgrade method for AWS Linux AMI’s:
1
2
yum clean all
yum update bash
Or use this for the version 2012.09, 2012.03, or 2011.09 repositories:
1
2
yum clean all
yum--releasever=2013.03update bash
For older AWS Linux AMI’s, you may not be able to use the standard upgrade method as described in this link: https://alas.aws.amazon.com/ALAS-2014-419.html These are the steps needed to manually patch bash 4.1: […]
Be sure to create regular snapshots of your running instances. If you lose an instance, recover quickly with this procedure. I suggest that you use Elastic IP addresses to make the migration DNS-free. STEP 1: First, setup your environment properly
1
2
3
4
5
6
export EC2_HOME='/opt/aws/apitools/ec2'# Make sure you use the API tools, not the AMI tools
export EC2_BIN=$EC2_HOME/bin
export EC2_PRIVATE_KEY=/path/to/keys/pk-{Your PrivateKey ID Here}.pem
export EC2_CERT=/path/to/keys/cert-{Your PrivateKey ID Here}.pem
export PATH=$PATH:$EC2_BIN
export JAVA_HOME=/usr/java/latest
STEP 2: Create an AMI linked to the snapshot % ec2-register -n YOUR-AMI-NAME -d […]
UPDATE: From the AWS FAQ: How do I enable the Extra Packages for Enterprise Linux (EPEL) repository? Edit /etc/yum.repos.d/epel.repo, look under the section marked [epel], and change enabled=0 to enabled=1. To temporarily enable the EPEL 6 repository, use the yum command line option –enablerepo=epel.
erics, October 1st, 2014 
Categories: How-To's, Technology AMI, AWS, AWS Linux, bash, Beta, bug, Linux, patch, ShellShock
| 
1 comment 
