http://security.freebsd.org/advisories/FreeBSD-SA-08:04.ipsec.asc
DragonFly was vulnerable as well and it was fixed in Nov 22 2007 in rev 1.9 in the HEAD (so, it's fixed in 1.12 as well) and in rev 1.8.4.1 in the 1.10 branch. There is bad news - in our code IPv4 was vulnerable as well, not just IPv6. But there is good news as well - GENERIC isn't affected because it doesn't have IPSEC support support compiled in. So, please update if you haven't done it already and are using IPSEC. -- Hasso Tepper
