Comment 0 for bug 1793028

After upgrade racoon from 1:0.8.2+20140711-5 to 1:0.8.2+20140711-10build1 Apple iPhones, which use a racoon client cannot connect to the racoon VPN on the Ubuntu server. Following log entries outline the failure:
Sep 14 06:42:28 vpnserver racoon[1775]: ERROR: Repeated fragment index mismatch
Sep 14 06:42:28 vpnserver racoon[1775]: ERROR: Repeated last fragment index mismatch
Sep 14 06:42:32 vpnserver racoon[1775]: ERROR: Repeated fragment index mismatch
Sep 14 06:42:32 vpnserver racoon[1775]: ERROR: Repeated last fragment index mismatch
Sep 14 06:42:35 vpnserver racoon[1775]: ERROR: Repeated fragment index mismatch
Sep 14 06:42:35 vpnserver racoon[1775]: ERROR: Repeated last fragment index mismatch
Sep 14 06:42:35 vpnserver racoon[1775]: ERROR: Repeated fragment index mismatch
Sep 14 06:42:35 vpnserver racoon[1775]: ERROR: Repeated last fragment index mismatch
Sep 14 06:42:39 vpnserver racoon[1775]: ERROR: phase1 negotiation failed due to time up.

A brief check of the upstream activities shows, that maintainers switched to panic mode because of CVE-2016-10396 and provided a rough patch without support of the ipsec-tools project and without the ability to perform sufficient regression tests.

As Debian as well as NetBSD maintainers already have expressed their general concerns about this patch, there really seems to be a severe issue.

Further evidences can be provided but as the topic is pretty complicated detailed guidance is required.