A security vulnerability was introduced in libreswan 3.16. The pluto IKE daemon would restart when receiving an IKE transform containg AES_XCBC. External references: https://lists.libreswan.org/pipermail/swan-announce/2016/000019.html
Created libreswan tracking bugs for this issue: Affects: fedora-all [bug 1327958]
3.17-1 packages for fedora were already pushed and are in stable
(In reply to Paul Wouters from comment #2) > 3.17-1 packages for fedora were already pushed and are in stable Thanks, this is now fixed in fedora.