What is Shellshock?
There have been reports of a security bug–named Shellshock–discovered within the shell program Bash. Bash is used on several distributions of the Linux OS, Unix, and Apple OS X to execute different system commands and scripts and from a local command line user interface. The bug–identified also as CVE-2014-6271 and CVE-2014-7169–is regarded as a severe security issue since it would add extra code to common gateway interface (CGI) scripts which are used to generate content on webpages and web applications as well as HTTP requests.
At the time of this post, Ars Technica is reporting there are patches available for Red Hat Enterprise, CentOS, Ubuntu, and Debian Linux distributions. Apple did not specify an official patch for OS X but did release a software update yesterday.
For more information on this, check out this Ars Technica article.