Quote from upstream bug report discussion: I agree there's something wrong with the code, although I would also like to have ways of reproducing this. Working on this bug right now is kind of a shot in the dark, and it seems numerous people here have worked on PoC or have real world conditions to reproduce those issues. It would be nice to share those so we can fix those issues properly.
SuSE has also taken the upstream patch including the latest changes. But exactly the changes from Jan. 2017 introduce the regression. Changes afterwards seem to be more code clean-up. Fedora and ArchLinux seem not to apply the patch (yet). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1793028 Title: NetBSD CVE Patch Regression To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ipsec-tools/+bug/1793028/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
