The patches below are available in CVS via the
OPENBSD_2_2
patch branch.
For more detailed information on how to install patches to OpenBSD, please consult the OpenBSD FAQ.
If the first patch is used to stop setuid coredumps, then the second patch is not as important. This problem is fixed much better in OpenBSD-current, where the kernel's symbolic link handling has been improved such that coredumping will not create a file on the other side of a symbolic link. Such a patch is not possible for the 4.4lite1 VFS layer in the OpenBSD 2.2 kernel.
The problem with the ruserok() function appears to also exist in ssh 1.2.21 and previous (the ssh people have been alerted).
This has been fixed on the ftp release of OpenBSD 2.2, and fresh kernels are available from http://ftp.OpenBSD.ORG/pub/OpenBSD/2.2/mac68k/. If at all possible, installing these kernels is recommended.
A number of possible workarounds exist if you don't have easy access to ftp the updated kernels. The simplest of these is to use a MacOS program to uncompress and untar the kernel aad use the Installer's mini-shell to "cpin" the kernel. Alternately, you could install the kernel with the Installer and use the mini-shell to move the binary from /usr/src/... to /bsd.