This patch introduces very cool feature and no more vulnerability!!!

bash.patch

diff --git a/variables.c b/variables.c
index 92a5a10..b485dab 100644
--- a/variables.c
+++ b/variables.c
@@ -347,39 +347,6 @@ initialize_shell_variables (env, privmode)
 
       temp_var = (SHELL_VAR *)NULL;
 
-      /* If exported function, define it now.  Don't import functions from
-	 the environment in privileged mode. */
-      if (privmode == 0 && read_but_dont_execute == 0 && STREQN ("() {", string, 4))
-	{
-	  string_length = strlen (string);
-	  temp_string = (char *)xmalloc (3 + string_length + char_index);
-
-	  strcpy (temp_string, name);
-	  temp_string[char_index] = ' ';
-	  strcpy (temp_string + char_index + 1, string);
-
-	  /* Don't import function names that are invalid identifiers from the
-	     environment, though we still allow them to be defined as shell
-	     variables. */
-	  if (legal_identifier (name))
-	    parse_and_execute (temp_string, name, SEVAL_NONINT|SEVAL_NOHIST|SEVAL_FUNCDEF|SEVAL_ONECMD);
-
-	  if (temp_var = find_function (name))
-	    {
-	      VSETATTR (temp_var, (att_exported|att_imported));
-	      array_needs_making = 1;
-	    }
-	  else
-	    {
-	      if (temp_var = bind_variable (name, string, 0))
-		{
-		  VSETATTR (temp_var, (att_exported | att_imported | att_invisible));
-		  array_needs_making = 1;
-		}
-	      last_command_exit_value = 1;
-	      report_error (_("error importing function definition for `%s'"), name);
-	    }
-	}
 #if defined (ARRAY_VARS)
 #  if ARRAY_EXPORT
       /* Array variables may not yet be exported. */