This update fixes a bug in the bash shell that allows an attacker to
execute arbitrary commands upon shell invocation if he can control the
shell’s environment. This is particularly dangerous if the shell is used
as a cgi interpreter for a web server, or if the shell handles untrusted
input inherited in the environment from other sources.