"FINALLY!" <-Snarled 5 Year Old. Some more objective information:
Setting aside the childish headline...
There are currently 6 known and listed Bash CVEs. That number will probably increase tomorrow. (CVE stands for Common Vulnerabilities and Exposures. Each CVE describes a specific security flaw found in public software). The APPLE-SA-2014-09-29-1 OS X bash Update 1.0 patched TWO of those six. Three further CVEs have been provided with descriptions at NIST (the USA National Institute of Standards and Technology), indicating that patches have been coded and are forthcoming. One CVE remains undescribed and unlisted at NIST, indicating that no patch has as yet been coded.
I'll be keeping track of the Bash CVEs and Apple's patchfest at my Mac-Security blog. I promise not to be TOO childish. (o_O)
http://mac-security.blogspot.com/2014/09/coverage-of-apples-bash-shellshock-bugs.html