updated 08:05 pm EST, Tue October 31, 2006
Xcode Tools updated
Apple today released Xcode Tools 2.4.1 (site not updated), updating the software development toolkit with functionality improvements and fixing a security issue. With the previous version of Xcode, opening a maliciously-crafted DWARF binary with GDB could lead to arbitrary code execution, according to Apple. "GDB, the GNU Debugger, is susceptible to multiple vulnerabilities that may lead to arbitrary code execution when loading maliciously-crafted DWARF binaries," said Apple. "This update addresses the issues by performing additional validation while handling DWARF binaries." The Cupertino-based company offers credit to Will Drewry and Tavis Ormandy of the Google Security Team for reporting the issue.