Missing Config Adjustments in Debian Packages

As requested by vmassol I'm creating a new issue for some Debian package config issues.

Besides the cache settings tracked in XWIKI-15756 (or a related follow-up issue, see https://jira.xwiki.org/browse/XWIKI-15756?focusedCommentId=102129&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-102129 ) there are some other recommended configuration settings which are not correctly specified by the Debian packages (see https://forum.xwiki.org/t/ldap-stopped-working-11-1/4583/14 for reference):

1. Instead of /dev/random, /dev/urandom should be used to generate session IDs and similar, as it's done by the docker container: https://github.com/xwiki-contrib/docker-xwiki/blob/master/template/tomcat/setenv.sh#L35 (I guess this would not have any security impact as generated IDs will still be "good enough" and "securerandom" isn't used to perform actual encryption by Xwiki, I assume?)
2. Apparently there are some slash-related config settings which should also be enabled for the Debian packages, see the same link as above. (Will this solve the problem that pages with a slash in their name only emit errors / are inaccessible in Tomcat?)