I’d have to dig it, but I think it said that it added the PID and the uninitialized memory to add a bit more data to the entropy pool in a cheap way. I honestly don’t get how that additional data can be helpful. To me it’s the very opposite. The PID and the undefined memory are not as good quality as good randomness. So, even without Debian’s intervention, it was a bad idea. The undefined memory triggered valgrind, and after Debian’s patch, if it weren’t because of the PID, all keys would have been reduced to 0 randomness, which would have probably raised the alarm much sooner.
FWIW, cppfront would be the same, IMHO. It allows C++ syntax, and it just passes it through verbatim. Only transforms “syntax 2” into today’s C++. And Herb Sutter very much says that what it does is based on the papers that he’s presented for standardization, and that he’d like this approach (new syntax) land into today’s C++ compilers and the standard.
cppfront is the only one that I thought had a chance till recently. The presentations from Sean Baxter seem to finally make the community see it on a positive light (I’ve seen posts on Reddit being removed on the premise of not being C++, which I think it’s a bit unfair), so that’s good.