http://openbsd.org/faq/faq15.html
Never consider any package from any OS as reviewed software. There simply isn't time to do such a thing properly. Packages merely bring software to an OS and are usually compilation fixes, feature toggles, automated building and, if lucky, bug reports sent upstream and fixes adopted therein.
Read the Tor changelog if you're worried about versions. Run Tor in a jail or under similar constraints if you're worried about exploits. If you're a new node, you might as well run 0.2.3.x as that's where things will be centered for the next three to six quarters.