Apple 10249 Published by

Fixes Bash bug discovered last week that's already been seen in the wild.



From ArsTechnica:
Apple has just released the OS X Bash Update 1.0 for OS X Mavericks, Mountain Lion, and Lion, a patch that fixes the "Shellshock" bug in the Bash shell that we first reported on last week. Bash, which is the default shell for many Unix and Linux-based operating systems, has been updated two times to fix the Shellshock remote exploit bug, and many Linux distributions have already issued updates to their users.

When installed on an OS X Mavericks system, the patch upgraded the Bash shell from version 3.2.51 to version 3.2.53, something that users could already do manually if they were so inclined. The update requires the OS X 10.9.5, 10.8.5, or 10.7.5 updates to be installed on your system first. An Apple representative told Ars that the company would not be releasing an individual patch for users running the current OS X Yosemite developer or public beta builds, but the rep went on to say the bug will be fixed in future builds of the software. The company previously stated that Macs "are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services." Non-jailbroken iOS devices shouldn't be vulnerable to the exploit at all.
  Apple patches Shellshock Bash bug in OS X 10.9, 10.8, and 10.7