The /dev/random issue is one of the issues, yes. One other is that GnuTLS seems to fail if used twice inside the same address space, such as receiving messages via SMTP over TLS and doing lookups via ldaps if both exim and libldap are linked against the same gnutls libs.
Odd. The gnutls library is versioned (on debian anyway) to prevent that being a problem. Do you have a reference? Maybe someone forgot to enable thread safety for libgcrypt. Have a nice day, -- Martijn van Oosterhout <kleptog@gmail.com> http://svana.org/kleptog/