Nearly even worse btw.... as far as I can see,... this change is NOWHERE documented (and one really should not be expected to get the source package and look through all patches to see whether - diplomatically said - anything was modified).
The config file, e.g., still happily claims it would use /dev/[u]random. Even IF there was some reason for this change,... than it really must be visibly documented for the user (README.Debian). Now NRPE is not the most security critical package (and as I've mentioned, SSL is totally useless in it anyway)... but that could have been different. Cheers, Chris.
smime.p7s
Description: S/MIME cryptographic signature
