You can upgrade to the latest .deb on precise until utopic and get it fixed:
Run:
env x='() { :;}; echo vulnerable' bash -c 'echo hello' ;
apt-get update;
apt-get -y install bash;
env x='() { :;}; echo vulnerable' bash -c 'echo hello'
Detailed Proof of the Fix:
bash (4.3-9ubuntu2) utopic; urgency=medium
* SECURITY UPDATE: incorrect function parsing
- debian/patches/CVE-2014-6271.diff: fix function parsing in
builtins/common.h, builtins/evalstring.c, subst.c, variables.c.
- CVE-2014-6271