Apple today released OS X bash Update 1.0 for OS X Mavericks, Mountain Lion, and Lion which fixes a security flaw in the bash UNIX shell.
For more information on the security content of this update, see http://support.apple.com/kb/HT1222
Two rather rare scenarios that can make OS X vulnerable to the Shellshock Bash bug – September 29, 2014
Apple: Vast majority of OS X users safe from ‘Shellshock’ bash exploit, patch coming quickly for advanced Unix users – September 26, 2014
The Bash ‘Shellshock’ bug and workaround – September 25, 2014
U.S. government warns of Bash flaw affecting Apple’s OS X, other Unix-based systems – September 25, 2014