Several message handling flaws in isakmpd(8) have been reported by Thomas       
Walpuski. These allow an attacker to delete arbitrary SAs.  Fixes have been     
commited to 3.3 and 3.4 -stable branches.  Patches are also available at        
                                                                                 
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/009_isakmpd.patch          
and                                                                              
ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/014_isakmpd.patch          
                                                                                
The patch for 3.4 includes also a reliability fix for a filedescriptor leak     
that causes problems when a crypto card is installed.  This problem does not    
exist in 3.3.