Errata patches for LibreSSL have been released for OpenBSD 6.7 and 6.8. Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference.
Binary updates for the amd64, i386, and arm64 platforms are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata67.html https://www.openbsd.org/errata68.html