* The former fix is somewhat theoretical. Back around 2003-2004, there was a Bellare paper that proposed an attack on SSH based on its use of "chained IVs", where the IV of packet N is the last ciphertext of packet N-1. This reveals the IV of the next packet to attackers (ciphertext is public) before the packet is encrypted; it is OK for IVs to be public, but not OK for them to be predictable, or else attackers can use a chosen-plaintext attack to make guesses about packet contents. Angelos got rid of this construction back then, and this fix makes the rest of OpenBSD's crypto consistent with the fix. Interesting, but certainly not a crypto backdoor.
* The latter fix isn't a security flaw; they forgot to bump a constant and so a for() loop wouldn't be able to find an item in a list.
Never mind. I wrote the exploit code for that vulnerability. It's awesome. It's still definitely not a crypto backdoor (it lets you run dictionary attacks against crypto blocks in a CBC message stream, which is terrible, but not exactly an FBI-friendly feature addition), but it's not theoretical.
And yet, based on how this is being handled I find myself respecting OpenBSD even more.