OpenBSD erratum 035:
2017-03-04

WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack by rouge access points.

binpatch59-(amd64)-kernel-17.0.tgz