CVE request: weak PRNG in GNU Classpath

[Florian Weimer <fw () deneb enyo de>]

<http://gcc.gnu.org/bugzilla/show_bug.cgi?id=38417>

The random number generator in the gnu.java.security.util.PRNG class
of GNU Classpath version 0.97.2 and earlier produces only a limited
number of distinct byte streams, which may lead to guessable
cryptographic key material and similar vulnerabilities.