---

Advisories, November 15, 2006

Debian GNU/Linux


Debian Security Advisory DSA 1211-1 security@debian.org
http://www.debian.org/security/
Moritz Muehlenhoff
November 14th, 2006 http://www.debian.org/security/faq


Package : pdns
Vulnerability : buffer overflow
Problem-Type : remote
Debian-specific: no
CVE ID : CVE-2006-4251

It was discovered that malformed TCP packets may lead to denial
of service and possibly the execution of arbitrary code if the
PowerDNS nameserver acts as a recursive nameserver.

For the stable distribution (sarge) this problem has been fixed
in version 2.9.17-13sarge3.

For the upcoming stable distribution (etch) this problem has
been fixed in version 3.1.4-1 of pdns-recursor.

For the unstable distribution (sid) this problem has been fixed
in version 3.1.4-1 of pdns-recursor.

We recommend that you upgrade your PowerDNS packages.

Upgrade Instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge



These files will probably be moved into the stable distribution
on its next update.



Debian Security Advisory DSA-1212-1 security@debian.org
http://www.debian.org/security/
Noah Meyerhans
November 15, 2006


Package : openssh (1:3.8.1p1-8.sarge.6)
Vulnerability : Denial of service
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2006-4924 CVE-2006-5051
BugTraq ID : 20216 20241
Debian Bug : 392428

Two denial of service vulnerabilities have been found in the
OpenSSH server.

CVE-2006-4924

The sshd support for ssh protocol version 1 does not properly
handle duplicate incoming blocks. This could allow a remote
attacker to cause sshd to consume significant CPU resources leading
to a denial of service.

CVE-2006-5051

A signal handler race condition could potentially allow a remote
attacker to crash sshd and could theoretically lead to the ability
to execute arbitrary code.

For the stable distribution (sarge), these problems have been
fixed in version 1:3.8.1p1-8.sarge.6

For the unstable and testing distributions, these problems have
been fixed in version 1:4.3p2-4

We recommend that you upgrade your openssh package.

Upgrade instructions


wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian 3.1 (stable)


Stable updates are available for alpha, amd64, arm, hppa, i386,
ia64, m68k, mips, mipsel, powerpc, s390 and sparc.


These files will probably be moved into the stable distribution
on its next update.


For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org

Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

Mandriva Linux


Mandriva Linux Security Advisory MDKSA-2006:207
http://www.mandriva.com/security/


Package : bind
Date : November 14, 2006
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0, Multi
Network Firewall 2.0


Problem Description:

The BIND DNS server is vulnerable to the recently-discovered
OpenSSL RSA signature verification problem (CVE-2006-4339). BIND
uses RSA cryptography as part of its DNSSEC implementation. As a
result, to resolve the security issue, these packages need to be
upgraded and for both KEY and DNSKEY record types, new RSASHA1 and
RSAMD5 keys need to be generated using the “-e” option of
dnssec-keygen, if the current keys were generated using the default
exponent of 3.

You are able to determine if your keys are vulnerable by looking
at the algorithm (1 or 5) and the first three characters of the
Base64 encoded RSA key. RSAMD5 (1) and RSASHA1 (5) keys that start
with “AQM”, “AQN”, “AQO”, or “AQP” are vulnerable.
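
The key check described above, as an added example (not part of the Mandriva advisory or of BIND): it reads one-line KEY/DNSKEY records as found in dnssec-keygen .key files and decodes the RFC 3110 exponent field instead of only matching the Base64 prefix, so it goes slightly beyond the prefix test in the text. The function names are hypothetical and the sample keys are constructed filler, not real keys.

```python
import base64

RSA_ALGORITHMS = {1: "RSAMD5", 5: "RSASHA1"}        # algorithm numbers named in the advisory
VULNERABLE_PREFIXES = ("AQM", "AQN", "AQO", "AQP")  # Base64 prefixes named in the advisory


def rsa_public_exponent(key_b64):
    """Decode the public exponent from RFC 3110 RSA key data (Base64)."""
    raw = base64.b64decode(key_b64)
    if not raw:
        raise ValueError("empty key data")
    if raw[0] != 0:                      # one-octet exponent length
        length, offset = raw[0], 1
    else:                                # zero octet, then a two-octet length
        if len(raw) < 3:
            raise ValueError("truncated key data")
        length, offset = int.from_bytes(raw[1:3], "big"), 3
    exponent = raw[offset:offset + length]
    if length == 0 or len(exponent) != length:
        raise ValueError("truncated key data")
    return int.from_bytes(exponent, "big")


def parse_key_record(line):
    """Return (owner, rrtype, algorithm, key_b64) for a one-line KEY/DNSKEY record, else None."""
    tokens = line.split(";", 1)[0].split()           # drop trailing zone-file comment
    positions = [i for i, t in enumerate(tokens) if t.upper() in ("KEY", "DNSKEY")]
    if not positions:
        return None
    i = positions[0]
    rdata = tokens[i + 1:]                           # flags, protocol, algorithm, key data...
    if len(rdata) < 4:
        return None
    try:
        algorithm = int(rdata[2])
    except ValueError:
        return None
    owner = tokens[0] if i > 0 else "@"
    return owner, tokens[i].upper(), algorithm, "".join(rdata[3:])


def audit_keys(zone_text):
    """Report every RSAMD5/RSASHA1 key and whether it uses public exponent 3."""
    results = []
    for line in zone_text.splitlines():
        record = parse_key_record(line)
        if record is None or record[2] not in RSA_ALGORITHMS:
            continue                                 # other algorithms are out of scope here
        owner, rrtype, algorithm, key_b64 = record
        try:
            exponent = rsa_public_exponent(key_b64)
        except ValueError:                           # also covers malformed Base64
            exponent = None
        results.append({
            "owner": owner,
            "rrtype": rrtype,
            "algorithm": RSA_ALGORITHMS[algorithm],
            "key_prefix": key_b64[:3],
            "prefix_match": key_b64.startswith(VULNERABLE_PREFIXES),
            "exponent": exponent,
            "vulnerable": exponent == 3,
        })
    return results


def make_sample_key(exponent, first_modulus_byte=0xC1):
    """Build constructed (not real) RFC 3110 key data: length octet, exponent, filler modulus."""
    modulus = bytes([first_modulus_byte]) + bytes(range(1, 64))
    return base64.b64encode(bytes([len(exponent)]) + exponent + modulus).decode("ascii")


def sample_zone():
    """Constructed records: two exponent-3 RSA keys, one exponent-65537 key, one non-RSA key."""
    return "\n".join([
        "example.test. 3600 IN DNSKEY 256 3 5 " + make_sample_key(b"\x03"),
        "example.test. 3600 IN DNSKEY 257 3 5 " + make_sample_key(b"\x01\x00\x01"),
        "host.example.test. 3600 IN KEY 512 3 1 " + make_sample_key(b"\x03", 0x80),
        "example.test. 3600 IN DNSKEY 256 3 3 " + make_sample_key(b"\x03") + " ; not RSA",
    ])


if __name__ == "__main__":
    for r in audit_keys(sample_zone()):
        status = "REGENERATE (exponent 3)" if r["vulnerable"] else "ok"
        print(f'{r["owner"]:<20} {r["rrtype"]:<7} {r["algorithm"]:<8} '
              f'prefix={r["key_prefix"]} e={r["exponent"]} {status}')
```

The last sample record carries the same key data as the first but algorithm 3, so it is skipped: the prefix alone is not enough, which is why the advisory also asks for the algorithm number.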


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339


http://marc.theaimsgroup.com/?l=bind-announce&m=116253119512445


Updated Packages:



To upgrade automatically use MandrivaUpdate or urpmi. The
verification of md5 checksums and GPG signatures is performed
automatically for you.

All packages are signed by Mandriva for security. You can obtain
the GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

    http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com


Type  Bits/KeyID      Date        User ID
pub   1024D/22458A98  2000-07-10  Mandriva Security Team <security*mandriva.com>


Mandriva Linux Security Advisory MDKSA-2006:208
http://www.mandriva.com/security/


Package : openldap
Date : November 14, 2006
Affected: 2006.0, 2007.0, Corporate 3.0, Corporate 4.0


Problem Description:

An unspecified vulnerability in OpenLDAP allows remote attackers
to cause a denial of service (daemon crash) via a certain
combination of SASL Bind requests that triggers an assertion
failure in libldap.

Packages have been patched to correct this issue.


References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5779


Updated Packages:
