OpenBSD erratum 018:
2017-03-04

WiFi clients using WPA1 or WPA2 are vulnerable to a man-in-the-middle attack by rouge access points.

binpatch60-(amd64|i386)-kernel-4.0.tgz