I am not sure whether it has or has not been fixed, Dayglored. Apple stated in one of their last security releases that they had fixed several minor buffer overflows without enumerating or naming them. This particular issue does not work, one way or the other, with the PoC example, so it cannot be tested with what we have at hand.
Apple, being their usual closed-mouthed selves, is not talking.
I think that, BSD being fixed, Apple probably included the fix with the update. It would be too easy not to.
When Windows 98 was released, Windows 95 still had 16,000 unfixed flaws. There were over 12,000 unfixed flaws in 98 when XP was released. Most of those flaws were flaws without consequence. . . but some, obviously, were not. Apple's approach, in this instance, made this flaw inconsequential. Perhaps it was fixed, perhaps not.
The point I am making is that these guys reporting really don't know whether the flaw still exists in OSX.6.2 or not... Their "exploit" fails to execute in OS X... but they announce anyway, using mealy-mouthed words like "potential buffer overflow error," and "But Apple apparently has not yet updated its software to incorporate the fix"? It smacks of not really researching the issue to find out if it exists or not. That makes this article almost pure FUD.
Then we agree. Apple has the ability to remove their self-applied "KICK ME" sign, simply by stating (on a support forum or news page, or in conversation with a tech writer), "Oh yeah, that one, that was fixed {whenever}."
Until they do, this article, FUD though it may be, still stands unchallenged, which is dumb PR, but entirely their choice.
Onward, to the next pre-tablet FUD (you know it's coming)... :)