I just came across a reference [1] on potential flaws in the linux kernel PRNG (Pseudo-Random Number Generator). Does anyone know if CVE's have been issued for these problems and/or whether they have been fixed either upstream or in debian? If not, someone should issue requests for CVE's. Thanks for any thoughts. Regards, Mike [1] http://eprint.iacr.org/2006/086.pdf