Bash Vulnerability

For those concerned about the latest exploit, I note that Debian and Ubuntu (14.04) have rolled out fixes today.

I found this on Whirlpool which gave me a positive on vulnerability before, and a negative after, the updates:

"
To test if your version of Bash is vulnerable to this issue, run the following command:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the output of the above command looks as follows:

vulnerable
this is a test

you are using a vulnerable version of Bash.

The patch used to fix this issue ensures that no code is allowed after the end of a Bash function. Thus, if you run the above example with the patched version of Bash, you should get an output similar to:

env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
"

Someone with admin access to the Space machines might like to run an update.

I assume Apple will get around to a bug fix when the bendy phone issue is resolved, or eventually. :wink:

The first fix to CVE-2014-6271 shipped in bash_4.3-9.1 (Debian naming) was insufficient. For Debian distros you want to make sure bash_4.3-9.2 is installed on your systems which also fixes the related CVE-2014-7169 problem. This version hit buildd incoming this morning, hopefully it’s on official repos and mirrors soon (if not already).
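As an added example (not from either post above), here is the quoted test wrapped in a small POSIX shell script that classifies the result, plus a package version check for the Debian 4.3-9.2 level named in the reply. The function names shellshock_status and bash_pkg_ok, and the "unknown" / "no-bash" / "no-dpkg" result labels, are my own; the version threshold is Debian's numbering (Ubuntu packages carry different version strings, so pass the right threshold as an argument there).

```shell
#!/bin/sh
# Added example: runs the Shellshock test from the thread and reports a
# single word instead of raw output. Function and label names are assumed.

# shellshock_status [bash-binary]
# Prints one of: vulnerable, patched, no-bash, unknown. Exit status:
# 0 = patched, 1 = no such bash, 2 = vulnerable, 3 = unrecognised output.
shellshock_status() {
    bin="${1:-bash}"
    command -v "$bin" >/dev/null 2>&1 || { echo no-bash; return 1; }
    # stdout and stderr captured together; the patterns below only care
    # whether certain lines are present, not in which order they arrive
    out="$(env x='() { :;}; echo vulnerable' "$bin" -c 'echo this is a test' 2>&1)"
    case "$out" in
        # the trailing command in the exported "function" ran: unpatched bash
        *vulnerable*) echo vulnerable; return 2 ;;
        # the first round of patches rejects the definition and says so on stderr
        *"ignoring function definition attempt"*|*"error importing function definition"*)
            echo patched; return 0 ;;
    esac
    # later bash releases only import functions from specially prefixed
    # variables, so a plain x=... is ignored silently and only the echo runs
    if [ "$out" = "this is a test" ]; then echo patched; return 0; fi
    echo unknown; return 3
}

# bash_pkg_ok [minimum-version]
# Debian/Ubuntu only: compares the installed bash package against a
# threshold (default 4.3-9.2, the Debian version the reply names as the
# first complete fix). Prints ok, too-old, or no-dpkg.
bash_pkg_ok() {
    want="${1:-4.3-9.2}"
    command -v dpkg-query >/dev/null 2>&1 || { echo no-dpkg; return 1; }
    have="$(dpkg-query -W -f='${Version}' bash 2>/dev/null)" || { echo no-dpkg; return 1; }
    if dpkg --compare-versions "$have" ge "$want"; then echo ok; else echo too-old; fi
}

# stand-alone run: report on the bash found on PATH and the Debian package
printf 'bash on PATH: %s\n' "$(shellshock_status)"
printf 'debian bash package: %s\n' "$(bash_pkg_ok)"
```

The status word is what you would feed into a fleet-wide check (loop over hosts with ssh, collect the word per host); the exit codes let a cron job or monitoring script act on "vulnerable" without parsing text. Note that a clean result from shellshock_status only covers the test string from the thread; the package version check is the one that tells you the follow-up CVE-2014-7169 fix is present.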
