Package: nagios-nrpe-server Version: 2.12-5 Severity: important Tags: security
Hi. I've been just shocked when I went through the patches and saw that one removes the usage of /dev/urandom and replaces it by some week seed. I mean ok, SSL in the Nagios version of NRPE is completely broken anyway... But why're you doing this? Sorry for making noise, but it seems just pointless?! This remembers so strong to Debian's OpenSSL patching around catastrophy. Even though SSL is useless anyway right now, if there's no good reason for it, please drop this patch. Cheers, Chris. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
