Here are the changes of the release:
As you will notice, the FreeType is what was fixed on this one to disallow the hack from jailbreakme.com
If you want a jailbroken device then make sure you dont upgrade.
Also make sure you have your SHSH backed up with either Cydia or by using Tiny umbrella (latest version = umbrella-4.01.07)
iOS 4.0.2 Update for iPhone and iPod touch
- FreeTypeCVE-ID: CVE-2010-1797
Available for: iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod touch (2nd generation) and later
Impact: Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution
Description: A stack buffer overflow exists in FreeType’s handling of CFF opcodes. Viewing a PDF document with maliciously crafted embedded fonts may allow arbitrary code execution. This issue is addressed through improved bounds checking.
- IOSurfaceCVE-ID: CVE-2010-2973
Available for: iOS 2.0 through 4.0.1 for iPhone 3G and later, iOS 2.1 through 4.0 for iPod touch (2nd generation) and later
Impact: Malicious code running as the user may gain system privileges
Description: An integer overflow exists in the handling of IOSurface properties, which may allow malicious code running as the user to gain system privileges. This issue is addressed through improved bounds checking.