Securing Mac-OS from CVE-2014-7169 (Shellshock / Bash bug)

For this to work you need to have Xcode installed. If you don't have it, try: sudo xcode-select –install

In a terminal execute these commands:
mkdir bash-fix
cd bash-fix
curl | tar zxf –
cd bash-92/bash-3.2

curl | patch -p0
curl | patch -p0
curl | patch -p0
cd ..

Wait until you see "BUILD SUCCEEDED".

Backup your old executables:
sudo cp /bin/bash /bin/bash.old
sudo cp /bin/sh /bin/sh.old

Put the new ones in place:
sudo cp build/Release/bash /bin/bash
sudo cp build/Release/sh /bin/sh

To test for it, execute in a Mac or Linux terminal:
env var='() {(a)=>\' bash -c "echo date"; cat echo 

If you are vulnerable, you will see the current date in the output, like this:
bash: var: line 1: syntax error near unexpected token `='
bash: var: line 1: `'
bash: error importing function definition for `var'
Fr 26 Sep 2014 13:33:52 CEST