The problem with the first patch, as Red Hat explained in its Shellshock FAQ, was that it only took care of the original bash flaw CVE-2014-6271. This, the true Shellshock bug, is the worst bash security hole. There were also others. Red Hat said: "Shortly after that issue went public a researcher found a similar flaw that wasn’t blocked by the first fix and this was assigned CVE-2014-7169." This
![Shellshock: Better 'bash' patches now available](https://cdn-ak-scissors.b.st-hatena.com/image/square/cf9edb701166aea46128ed9086b289b59a50a59c/height=288;version=1;width=512/https%3A%2F%2Fwww.zdnet.com%2Fa%2Fimg%2Fresize%2Fcfe674795795ffa8aaae2db5f42d31a65c95edb0%2F2014%2F10%2F20%2Ff20b09ed-5829-11e4-b6a0-d4ae52e95e57%2Fshellshock-better-bash-patches-now-available-v1.jpg%3Fauto%3Dwebp%26fit%3Dcrop%26height%3D675%26width%3D1200)