keeping the bash safe seems to have become like running the gauntlet.
I’ve updated once more my upgraded Debian Lenny bash packages to keep care of the following CVEs + shellshocker:
bash (3.2-17) unstable; urgency=high
* fixing CVE-2014-6271, CVE-2014-6277, CVE-2014-6278, CVE-2014-7169,
CVE-2014-7186, CVE-2014-7187 and exploit 3 on http://shellshocker.net/
* remark: adding all bash32 bugfixed up to #57
-- Flo... Sun, 26 Oct 2014 15:15:00 +0000
You may grab the binaries here: https://4ufiles.flo.sh/bash/debian-lenny/