Comment Re:Well done, the OpenBSD team. (Score 1) 338
The OpenBSD folk treat pretty much every bug as a security hole.
Unfortunately, that wasn't the case this time. As detaild in the advisory from CoreLabs, in fact, the OpenBSD folk refused to term this as anything but a denial of service issue and issued the patch as a "reliability fix" instead of a "security fix". This was done even after Core had provided proof-of-concept exploit code to the OpenBSD team. It wasn't until several days later that the proper categorization was done.
Now, maybe Core is spinning things innappropriately. And maybe the OpenBSD folks will want to correct the record. But right now, this doesn't look good at all...
