sendmail(8) Patch In -stable Fixes Local Snooping Vulnerability
from the love letters in the sand dept.
For those of you who are still using sendmail(8) on OpenBSD 5.4 or 5.5, it's patch and update time.
The vulnerability known as CVE-2014-3956 could allow local users to interfere with open SMTP connections, and it is strongly advised that any sendmail users out there patch their systems without undue delay.
Patches are available for OpenBSD 5.4 and OpenBSD 5.5 as patch 011 and patch 007 respectively.