As recently reported on OpenBSD's errata page, a problem in the mbuf handling of IPv6 has been elevated to a security issue. This means that OpenBSD now has two remote exploits in 10 years, as already reflected on the OpenBSD Homepage. Theo advises to to update the system (or to block IPv6 using PF as a workaround).
Second remote exploit found in OpenBSD - first one was 10 years ago
Posted on Saturday, Mar 17 2007 @ 12:30 CET by Thomas De Maesschalck
OS News reports a new remote exploit has been found in OpenBSD: