severity 396178 wishlist thanks On Mon, Oct 30, 2006 at 11:57:11AM +0100, Ivo De Decker wrote: > Package: libsasl2 > Version: 2.1.19-1.5sarge1 > Severity: grave > Justification: renders package unusable
> The use of /dev/random blocks all processes that use libsasl2 when the > random pool is (almost) empty. This makes the packages (and the services > that depend on it) completely unusable. > Please use /dev/urandom instead (or at least make this a runtime option). SASL is a security-sensitive library. Far from being "grave", any request that it be changed to not require good randomness as input is a wishlist bug, and one I would recommend the maintainers not implement. -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
