In reply to ByEek:
This kids, is why you should just use zsh and remove bash totally.
Newer Debian and Ubuntu machines don't use bash by default, so you're safe with them as well. Also most routers and the like which run linux, don't always run bash as it's too big. It's an excellent vuln, but I'm not sure it's quite worth the panic. Or a big splashy news article.