Xenial onwards, the package is in universe because Ubuntu switched to favoring strongswan due in part to the upstream deprecation of racoon. That, at the time of release of Trusty and onwards, comprised our recommendation that users switch to strongswan for IPsec support. ipsec-tools/racoon is maintained since then by community volunteers only.
Note that in both cases someone needs to volunteer appropriate testing and consideration of others' use cases to successfully get a fix landed in Ubuntu.
Summary:
The Precise is in main but not affected.
Xenial onwards, the package is in universe because Ubuntu switched to favoring strongswan due in part to the upstream deprecation of racoon. That, at the time of release of Trusty and onwards, comprised our recommendation that users switch to strongswan for IPsec support. ipsec-tools/racoon is maintained since then by community volunteers only.
If you'd like to patch Xenial for the CVE, then please see https:/ /wiki.ubuntu. com/SecurityTea m/UpdateProcedu res and https:/ /wiki.ubuntu. com/SecurityTea m/SponsorsQueue for details on how to contribute that.
If you'd like to patch Bionic to fix the regression, then please see https:/ /wiki.ubuntu. com/StableRelea seUpdates# Procedure for details on how to contribute this.
Note that in both cases someone needs to volunteer appropriate testing and consideration of others' use cases to successfully get a fix landed in Ubuntu.