Julian Assange: Debian Is Owned By The NSA (igurublog.wordpress.com)
34 points by tachion on April 10, 2014 | 7 comments


I missed a coherent logical thread to follow in this article.


I wouldn't say you "missed" it, Bob.



Let me help you, it's the idea that paid contractors working for the military/agencies are fucking up Open Source code to get their backdoors in.


> which was clearly sabotaged – a known fact

Tell me more.


No, not at all, it's an inevitable result of Debian's conceit of "fixing" upstream source trees.

An ... I hesitate to call him an engineer ... used one of the standard lint tools or GCC or whatever on OpenSSL I think it was, and noticed the use of an uninitialized variable. This was deliberate, it was added to the entropy the program was using; might not be too random, but "it couldn't hurt".

So he communicated with them, and they told him it was OK to eliminate it. Without further talking to them, he also eliminated an akin bit where the serious entropy was added, so for years Debian generated trivially breakable keys.

It'll be a while before anyone can judge if this or "Heartbleed" is the worse open-source security screwup, but until the latter just developed I certainly rated it as #1.

However this is the first time I've heard it alleged it was sabotage; it could have been, disguised as stupidity, but that it was "clearly sabotaged – a known fact" is utterly false at this time.


Flagging this because of the rampant speculation and conspiracy theories disguised as "known fact".



