Apple has sent out a Marshall to round up all the Jailbreakers who broke out of Cupertino. His name is Marshall iOS 4.0.2 for the iPhone and iPod Touch, and he deputized 3.2.2 to go after the iPad. Both are armed with a bullet killing fix to plug the security hole found in the PDF reader, which is also coincidentally that exact route taking by a very popular jailbreaking app to go unnamed. It is recommended for all users of either device and should probably applied, albeit begrudgingly by those who broke free. The security hole can be utilized to inflict serious damage, so it’s definitely important to get it plugged up. Don’t worry, the Dev-Team will find a new way t break you out.

iOS 4.0.2 Update for iPhone and iPod touch

FreeType

CVE-ID: CVE-2010-1797

Available for: iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod touch (2nd generation) and later

Impact: Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution

Description: A stack buffer overflow exists in FreeType’s handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.

Apple