Those interested in the more recently discovered bash vulnerabilities will likely want to have a look at this detailed posting from Michal Zalewski. Then make sure your systems are updated. "I initially shared the findings privately with vendors, but because of the intense scrutiny that this codebase is under, the ease of reproducing these results with an open-source fuzzer, and the now-broad availability of upstream mitigations, there seems to be relatively little value in continued secrecy."
October 2, 2014
Zalewski on the Other Bash RCEs (CVE-2014-6277 and CVE-2014-6278)
Read more at LWN