diff --git a/SOURCES/libreswan-4.4-ikev1-disable-diagnostics.patch b/SOURCES/libreswan-4.4-ikev1-disable-diagnostics.patch
new file mode 100644
index 0000000..0f5bc47
--- /dev/null
+++ b/SOURCES/libreswan-4.4-ikev1-disable-diagnostics.patch
@@ -0,0 +1,20 @@
+Index: libreswan-4.4/programs/pluto/ikev1.c
+===================================================================
+--- libreswan-4.4.orig/programs/pluto/ikev1.c
++++ libreswan-4.4/programs/pluto/ikev1.c
+@@ -2102,7 +2102,6 @@ void process_packet_tail(struct msg_dige
+ 					diag_t d = pbs_in_struct(&md->message_pbs, &isakmp_ignore_desc,
+ 								 &pd->payload, sizeof(pd->payload), &pd->pbs);
+ 					if (d != NULL) {
+-						llog_diag(RC_LOG, st->st_logger, &d, "%s", "");
+ 						LOG_PACKET(RC_LOG_SERIOUS,
+ 							   "%smalformed payload in packet",
+ 							   excuse);
+@@ -2171,7 +2170,6 @@ void process_packet_tail(struct msg_dige
+ 						 &pd->payload, sizeof(pd->payload),
+ 						 &pd->pbs);
+ 			if (d != NULL) {
+-				llog_diag(RC_LOG, st->st_logger, &d, "%s", "");
+ 				LOG_PACKET(RC_LOG_SERIOUS,
+ 					   "%smalformed payload in packet",
+ 					   excuse);
diff --git a/SPECS/libreswan.spec b/SPECS/libreswan.spec
index 81671a4..cba815c 100644
--- a/SPECS/libreswan.spec
+++ b/SPECS/libreswan.spec
@@ -37,7 +37,7 @@ Name: libreswan
 Summary: IPsec implementation with IKEv1 and IKEv2 keying protocols
 # version is generated in the release script
 Version: 4.4
-Release: %{?prever:0.}1%{?prever:.%{prever}}%{?dist}
+Release: %{?prever:0.}4%{?prever:.%{prever}}%{?dist}
 License: GPLv2
 Url: https://libreswan.org/
 
@@ -52,6 +52,7 @@ Patch1: libreswan-4.3-maintain-different-v1v2-split.patch
 Patch2: libreswan-3.32-1861360-nodefault-rsa-pss.patch
 Patch3: libreswan-4.1-maintain-obsolete-keywords.patch
 Patch6: libreswan-4.3-1934186-config.patch
+Patch7: libreswan-4.4-ikev1-disable-diagnostics.patch
 
 BuildRequires: audit-libs-devel
 BuildRequires: bison
@@ -110,6 +111,7 @@ Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04
 %patch2 -p1
 %patch3 -p1
 %patch6 -p1
+%patch7 -p1
 
 # linking to freebl is not needed
 sed -i "s/-lfreebl //" mk/config.mk
@@ -213,6 +215,15 @@ certutil -N -d sql:$tmpdir --empty-password
 %attr(0644,root,root) %doc %{_mandir}/*/*
 
 %changelog
+* Fri Jan 14 2022 Daiki Ueno <dueno@redhat.com> - 4.4-4
+- Resolves: rhbz#2036902 rebuild to enable rpminspect
+
+* Wed Jan 12 2022 Daiki Ueno <dueno@redhat.com> - 4.4-3
+- Resolves: rhbz#2036902: fix patch application
+
+* Fri Jan  7 2022 Daiki Ueno <dueno@redhat.com> - 4.4-2
+- Resolves: rhbz#2036902 ikev1: disable diagnostics logging on receiving malformed packets
+
 * Wed May 26 2021 Daiki Ueno <dueno@redhat.com> - 4.4-1
 - Resolves: rhbz#1958968 Rebase libreswan to 4.4
 - Resolves: rhbz#1954423 Libreswan: TS_UNACCEPTABLE on multiple connections between the same peers