severity 999811 serious
thanks
As reported in #999811 the haveged package is obsolete starting in linux
5.6 and newer, as the kernel adopted a similar algorithm and also
stopped blocking /dev/random reads.
I am upgrading severity to serious because I believe this is release
critical for bookworm.
There may still be reasons to keep haveged in Debian, I do not know. (do
all archs have these >5.6 features? is it still needed in addition?)
If so:
* sid has 1.9.14, upstream is 1.9.18, several existing debian bugs are fixed
* debian should adopt/implement something like the
contrib/Fedora/haveged.service unit file mentioned that checks the
kernel version before deciding to run.
* the vast majority of debian systems with haveged installed probably no
longer need it on bullseye or newer. If the package will remain, the
README.Debian should be updated and/or NEWS.Debian to let people know.
If it's going to be removed from Debian, I'm not sure if it's better to
have one last version that informs the user, to silently go away, or
maybe something in the release notes?
Thanks,
--
Matt Taggart
m...@lackof.org
