Very little of that was enabled in the default install. The no vulnerabilities claim rubbed a lot of people the wrong way. Sometimes things were patched that could have been remotely exploitable, but not called vulnerabilities because nobody checked when bugs were fixed.
Even so, I still I really like OpenBSD. I'm glad they finally got started with code signing. This work on Xorg is fantastic, although I can't see the point of running Xorg on OpenBSD.