The patches below are available in CVS via the
OPENBSD_4_8 patch branch.
For more detailed information on how to install patches to OpenBSD, please consult the OpenBSD FAQ.
Applications are only affected if they act as a server and call
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX. It is believed
that nothing in the base OS uses this. Apache httpd started using this
in v2.3.3; this is newer than the version in ports.
A source code patch exists which remedies this problem.