Howto implement timeout

Ok I have the following problem...
I have multiple VI's. Most of these VI's contain a loop which can theoratically loop a infinit amount of time. Some VI's which can run infinitly call VI's which can run infinitly. Now my problem is how do I timeout them. 
I got a few solutions but none that I like. 
Currently I have the following (not wanted implementation). Each VI has a timeout input. Then inside the VI I check if the VI has timed out. Now this implementation is flawed because of the following. I have A.vi and B.vi. A.vi calls B.vi. A.vi and B.vi have a input timeout. I wire the timeout of A.vi to B.vi. Now the flaw in my current design is that the timeout is sort of relative. Before B.vi is called in A.vi already some time has passed. Thus when B.vi is called in A.vi with that timeout it is possible that while B.vi is running A.vi would have timeout... but this does not happen because B.vi is still running with the same timeout of A, hence gets extended, because the timeout is added with the time when the VI is called and then compared when running. I attachted a sample VI of my current implementation. 
Now I want to be able to have a more abstract method. Something like a VI which holds the timeout. I was thinking of a functional global... however this would conflict when two VI's are running with different timeouts which both call that VI when they run in parallel. 
Hopefully someone has a clever idea/solution.
Attachments:
A.vi ‏10 KB
B.vi ‏9 KB

If A.vi calls B.vi, and you expect B.vi to be done in 100 ms it's naturally impossible for A.vi to be done in 100 ms as well if B.vi times out. You can use the timed elapsed in B output and add it to the time elapsed in A to compare it with the timeout instead. However if B does time out A will still take a bit longer to time out.
Hmmm wel that would not be possible of course because what when B will execute infinitly...
If your current approach is as simple as the demo VIs you attached, you may very rarely run into a problem when the Tick Counter rolls over, giving you a much longer timeout than you expect.  (Of course, loops with no wait are also a problem).
Sounds like what you want is to change your timeout inputs to "Timeout At" inputs, so that it times out at a given time.  Instead of comparing with the Tick Count, compare with Get Date/Time in Seconds (this also solves the rollover problem).  Then you can pass the same Timeout At value from A directly into B.  Alternatively, add the Timeout At input instead of replacing the Timeout, and set the initial value to NaN.  Check if the input is NaN - if so, get the current time in seconds, add the timeout value, and use that as the new Timeout At; otherwise, just use the Timeout At value that was passed in.
Yes I actually came up with this solution also "Timeout At" idea. But I don't really like it, I was hoping for a more abstract/generic method. Where I could just use the tickcount. 
The real issue lies in fact with the problem that I can't determine which VI's are going to be called and because they can be executed in parallel. If I could do this I could just create a notifier for that set of VI's which need a timeout check.

Similar Messages

  • UCCX Callback implementation timeout problem

    I am working on an implementation of the "Callback" function for queued callers based on the Cisco sample scripts
    BaseLineAdvQueuing and BaseLineMesageCallback.   The function works correctly.  If my agents are all in Not Ready state and callers select to leave a callback number and message then their "callback" calls are queued successfully.  When an agent is made "Ready" the callback calls are delivered in the correct order and the callbacks are processed successfully.  My problem is that the "Callback" calls time out and disappear from the queue after about 30 minuted.  If an agent becomes ready after 40 minutes there are no calls delivered to them.  I have tracked this via the Real Time Reports which show active sessions for the queued Callback calls.  These disappear from the Real Time Report after 30 mins.   Is there a way to extend this timeout?.
    Regards,
    David

    Have you checked your MIVR logs for the WFMaxExecutedStepsExceededException error?
    The logic in the Advanced Queuing script is such that it loops the Get Digit String step once ever 6 seconds.  Even if I didn't consider all the steps that your callers go through before getting there, this small section will execute 1,000 steps in 50 minutes.  Subtract off your steps above and this could easily be 20 or 30 minutes.
    The Callback script is less likely the culprit as it executes 3 steps every 30 seconds, which is 166 minutes or 2.7 hours.
    My guess is that both of you are hitting the max steps on your main script.  Check your MIVR logs to know for sure.  Post your script and I'll review it.
    Also, what is your UCCX System Parameter for Max Steps set to?
    Anthony Holloway
    Please use the star ratings to help drive great content to the top of searches.

  • Implementing timeout mechanism in a service

    Hi All
    I need to implement a self timeout mechanism in my service(a piece of java code that implement some business logic).
    so that service should timeout automatically when DB hangs or call to database server took more than usual time.
    Scneraio is :
    Clinet will set some time out from front end.
    In case DB call's from service hangs(Say due to database being down), then service should timeout automatically before the timeout set by client say 300ms -400ms before and return some exception back to the client
    kindly suggest on how to implemnt this in my service.
    Any early assistance will be higly helpful on this
    Thanks
    Nirupam

    user13556642 wrote:
    is there any exception that calls to DB hangs usually throw say SQL exception etc once it get timeout after specified amount of timeI don't think there's any "silver bullet" for what you want, but certain aspects may be configurable.
    For example, if you're using a <tt>DriverManager</tt>, you can use its <tt>setLoginTimeout()</tt> method to change the timeout for getting a <tt>Connection</tt>; but you may want to ask someone in the know what values are reasonable (or experiment yourself). I don't know whether <tt>DataSource</tt> has anything similar, but even if it does, it may not be under your control.
    And as for something like a query, how would you know when to timeout? For a single row retrieval it might be microseconds; but then again, the database might have to do 16 different joins just to get you the one you want (hopefully not).
    There is simply no way of knowing the intrinsic complexity of a request without some expertise (and probably a big wodge of experience to boot).
    Winston

  • Howto implement temporary changes / rollback in my model?

    First some background information: I'm building a project management tool. It's based on JEE, Struts 2 and uses AJAX. The model exists as a singleton within the application-server. The model is basically an object tree which consists of projects, releases, usecases, tasks, team members and employees. The model uses the observer pattern to update data when it's necessary. For instance if you change the amount of work required to solve a task, the total amount of work to finish the usecase and the total amount of work to finish the release are updated.
    I've got a dialog where a user can add and remove team members from a task and set multiple attributes on each team member. All these changes will affect the whole model (for instance, if you add an employee to the task-team this has an effect on the availability of this employee for other tasks). In the UI the user will see the result of his actions immediately, for that i need to update the model. But, what if the user hits the Cancel button? Or worse, leaves the dialog open and closes the browser? In that case I need to rollback my model. But since it's almost impossible to notice the closing of the browser reliably, rollback is not an option. So the best thing would be to work on a temporary model when the dialog opens. Then the user may change whatever he wants, and when he finally hits the OK button the temporary model needs to be merged with the "real" singleton-model (Since another user may have changed something in another task).
    Now to my question: How would you implement this? Is there a pattern one could use? Do I really have to clone the whole object tree or is there a better way to solve this?
    Thanks for your replies,
    André

    Thanks for your answers. They gave me some fresh ideas.
    Both approaches go into the same direction somehow. I like the idea of having a simple facade, that hides the complex stuff (like the copy-on-write implementation). Anyway, it really looks like my singleton implementation is too simple for what I'm doing here sigh.

  • Howto implement hand-rolled locking with SQL?

    Hi there,
    For now I used java.util.Concurrent's classes for locking critical sections which should only be modified/read by a client at a time. However now one customer would like to cluster our app and I wonder wether the locking could also be done with SQL.
    The reason why we don't use some high-level SQL constructs is that our product only uses a really very small subset of SQL.
    Any ideas wether/how double-checked locking could be implemented using SQL?
    Thank you in advance, lg Clemens

    Here is a link to a nice discussion on your topic.
    It might or might not help, but it did appear
    pertinent to your questions by talking about
    alternative methods and pros and cons of
    auto-incrementing.Ooooh are we back on this topic again? Delightful. And just in time for the holiday when I shall have the time to compose lengthy replies on the subject.
    Since the last time this subject came up (and I recall having some discussion with duffymo about it) I have been doing further thinking about it all and here are my thoughts.
    Design Stage
    A bit of a rehash of what I said before. I think it is key during the database (note database and not application) design phase to design without using auto-generated keys. Your database integrity, that is the integrity of each table and the integrity of each relationship between tables must be able to "stand up" without the use of these keys.
    In general proper database design is, I believe, a learned craft. Since the amount of poor designs, at least what I come across, seems so prolific I think a good rule of thumb would be to apply the above rule to one's design stringently as a good practice that will create proper designs.
    Creation and Deployment Phase
    When you have a solid design then before creating and deploying the database design is a good time to look at where generated keys might be appropriate. Generally speaking I recommend using them for the following reasons
    1) Ease of development. Let's face it joining key to key on an numeric column is much easier than joining on multiple variable columns.
    2) Performance. The time to access a multiple key field with variable length columns is going to be different than a single key numeric field. Now this item was refuted in the article WorkForFood linked above but I think there is an issue to consider here all the same. It all depends on the usage.
    I will certainly give you that database indexes are wonderful things and in most cases the performance differences between searching by a multiple column key vs a single column key are going to be hardly measurable. But what about updating? And what about the size of your table.
    If the database is small or the database is largely for analysis and reporting then performance is (probably) not going to be an issue. However for a large scale transaction database I think one would be foolish to dismiss the performance impact out of hand.
    3) Long-term flexibility. This was a point raised by duffymo in the last go around and it's certainly worth considering. The general theory is this, when you use non-generated keys you are locking business logic into your database design. If you need to make changes later for business reasons you are up the proverbial creek.
    Personally, while I think the point is valid I am not overly sold on this one. I think there is only so much "planning against future changes" that one can and should do. I would rather see the needs of the current design met in an effective fashion before considering this. So I guess to me if all other things are equal this a reason to use generated keys.
    Rules for Using Generated Keys
    The two rules I would like to see people use when using generated keys are as follows.
    1) Always create a constraint on the real key. Again and again I encounter systems where this has not been done. You might as well not have any keys at all with this kind of disaster. If you can't create a constraint then I think you have to go back to the design stage and rethink this.
    2) Never use generated keys when one or more foreign keys form part of the primary key. Really this advice applies exclusively to tables that form many-to-many relationships. Auto-generated keys should never ever be used in tables like this. It's just a mess waiting to happen.
    Of course the key could be several foreign keys that are each auto-generated keys in their own tables...
    Other stuff I am going to refute in the linked article that doesn't fit anywhere else
    Well mainly I don't like the concept of application generated keys. Which is discussed in some of the replies. To me that is a mix of all the cons of using generated keys and the cons of using natural keys all at the same time while adding a new level of stuff tied into your application logic that will make life more difficult in the end. I just don't like it.

  • Howto configure Timeout for database link

    Hi,
    how can I configure the expected timeout for a db link connection?
    My problem is, that I've to get data from a far distance database and the network connection is not very good.
    Sometimes it works pretty good, but often I get a not reachable error. Monitoring the server with ping shows, that the server is always alive, but the roundtrip time is high ( >200 ms).
    System: Oracle 9.2.0.5
    Linux (RedHat)
    Thanks for help
    Stephan

    Well since db links just use the underlying SQL*Net configuration, what you're actually looking for is timeout settings for SQL*Net, there are two:
    In the listener.ora file on the server:
    INBOUND_CONNECT_TIMEOUT_<listener_name> = n seconds
    Determines the limit the database listener will wait for a client connection to complete after the connection is made.
    In the sqlnet.ora file on the server:
    SQLNET.EXPIRE_TIME = n minutes
    Determines the limit for the frequency of active connection verification of a client connection.
    If the problem is you're getting disconnected because of network timeouts, it could be here or something in your LAN network settings.

  • HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity

    Hi All,
    I have implemented this concept in one of my project for (1-1 entity relationship). It worked very well. But I want try with parent child tables like (1 to many). I tried with the code given by "Adrian Nica " in previous thread. But my problem is When I make Parent table as updateable and reference I am not able to create a row for that VO at all.
    Steve, I read your reply in previous thread. But that is not helpful when you want create a new row as parent record as reference.
    Please help me to solve this....
    --Thanks
    Rama

    Hi,
    Thank you for your reply. I tried set all the attributes for parent EO to "Discriminator" which is added as "updateable and reference" in multiple updateable VO. But I am still getting " oracle.jbo.RowCreateException: JBO-25017:" and " Null Pointer Exception".
    Do I need to set the child VO also as "discriminator" attributes for that EO.
    --Thanks
    Rama

  • Howto implement toArray from Collections E

    Hi!
    I am trying to implement the generic Collection<E> interface and the toArray method is giving me trouble. Imitating the code from LinkedList, I can do this:
    public class Test<E> implements Collection<E> {
        protected E elt;
        public Test() {}
        public Test(E elt) {
            this.elt = elt;
        public <T> T[] toArray(T[] a) {
            if (a.length == 0) {
                a = (T[]) java.lang.reflect.Array.newInstance(
                        a.getClass().getComponentType(), 1); // generates unchecked warning
            Object[] ret = a;
            ret[0] = elt;
            if (a.length > 1)
                a[1] = null;
            return a;
    }However, this gives me an annoying unchecked warning. Of course, I can simply suppress the warning with @SuppressWarnings("unchecked"), but is there a Right Way of doing this that I am missing?

    Check Angelika Langer's Generics FAQ. But I don't believe there is. There are lots of places where the JDK source code has to ignore type safety and I think this is one of them.

  • Howto implement a Web Service Adapter?

    Hi all,
    Is it possible to create a Web Service Adapter, that allows external apps to pass data into CEP by calling the WebService method in that Adapater?
    The intention is to have an external J2EE application to send events to CEP for further processing.
    Any pointers are deeply appreciated.
    thank you
    Yee Thian

    Hi all,
    my question has been answered with the new FMW 11.1.1.3 release. The [updated document |http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14301/webservconfig.htm#BHCBCGHI] has a section on exposing CEP application as WS.
    thank you all, especially Andy.
    yee thian

  • Timeout for  "new BufferedReader (new InputStreamReader (System.in));"

    BufferedReader in = new BufferedReader (new InputStreamReader (System.in));
    String message = in.readLine();  The above code waits infinitely until the user enter the data from the command line and presses enter key.
    The following code can provide a timeout to the above waiting (it works fine).
    But is there a SIMPLER WAY to provide timeout for above waiting, something like setSoTimeout(int milliseconds) method in DatagramSocket, Socket and ServerSocket classes*?*
    http://www.coderanch.com/t/232213/threads/java/implement-timeout-threads
    =>
    import java.util.Timer;  
    import java.util.TimerTask;  
    import java.io.*; 
    public class test{  
    private String str = "";  
         TimerTask task = new TimerTask(){  
                 public void run(){  
              if( str.equals("") ){  
                   System.out.println( "you input nothing. exit..." );  
                   System.exit( 0 );  
         public void getInput() throws Exception{  
              Timer timer = new Timer();  
              timer.schedule( task, 10*1000 );  
              System.out.println( "Input a string within 10 seconds: " );  
              BufferedReader in = new BufferedReader(  
                   new InputStreamReader( System.in ) );  
              str = in.readLine();  
              timer.cancel();  
              System.out.println( "you have entered: "+ str );   
         public static void main( String[] args ){  
              try{  
                   (new test()).getInput();
              }catch( Exception e ){  
                   System.out.println( e );  
              System.out.println( "main exit..." );  
    }

    No. System.in doesn't have a timeout API. Sockets do.

  • Links No longer work for HowTo

    Hi,
    for the thread with the title:
    Thread: HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity Objects
    HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity Objects
    The links in the thread no longer seem to work. Could you provide the updated links?
    Thanks

    Are you following to the following link/reply?
    Steve Muench wrote:
    Please start a new thread with a new problem.
    The latest information on this topic is located in section "27.9 Creating a View Object with Multiple Updatable Entities" of the ADF Developer's Guide for Forms/4GL Developers on the ADF Learning Center at http://otn.oracle.com/products/adf/learnadf.html
    If yes, please see this link.
    27.9 Creating a View Object with Multiple Updatable Entities
    http://download.oracle.com/docs/cd/B31017_01/web.1013/b25947/bcadvvo009.htm
    Thanks,
    Hussein

  • Bind Timeout

    From a session management perspective, are bind timeouts recommended (at the server configuration level)?
    I would like to put this in place for applications that neglect to close connections to the server when they are no longer needed.
    Are there any side effects? things I need to take into design consideration that I may have overseen...

    The answer is very very specific to the environment you are running. But I can tell you that implementing timeouts was one of the best things I did prior to rolling out our directory environment. Some clients want to bind to the directory and never unbind, and get an application error if the connection is lost. So that means you can never restart your directory without causing an application error (and a complaining phone call....).
    Several vendors had to modify their applications before we would purchase their software. It's baaad implementation on their part, but without the timeout you won't discover it until it's too late.
    In the ideal world, your heavy-use client applications implement connection pools which monitor their connection and re-establish it if a connection error occurs.

  • Query on Virtual Provider with Services

    Hello everyone,
    I created a VirtualProvider and used the HowTo "Implement a VirtualProvider with Services" (Scenario 3: Any Table). Everything works fine and I can see some data with listcube. But when I'm executing a query (Bex) on the VirtualProvider I always get "'No Applicable Data Found."
    Any hints?
    Thank you very much and regards
    Johannes

    Hi Johannes,
    please run your query in rsrt in debug mode, set a break-point in your fm and check the contents of the tables related to the characteristics and keyfigures to be read as well as the selections and check if everything here works as expected.
    kind regards
    Siggi
    PS: btw, are you using a hierarchy in your query?

  • Reg : "Flattened" Master/Detail in a Single Row

    Hi All,
    I have a requirement as below :
    Structure Table. EO1
    Attirubtes Table. EO2
    The relation ship between two tables is one to one.
    My requirement is i need to show the data in Flattened Format in a table region.
    For display purpose i was able to display data.
    For performing DML operations : Like : Insert, Update , Delete. I have take a VO1 based on two EO's : EO1 and EO2' , AO for EO1 && EO2. and written query in Expert Mode.
    Here i struck, i could not understand how to proceed further. While performing update : only data in : EO1 is getting updated. EO2 data is getting committed.
    One more issue is : i could not understand how to perform insertRow() for above ?
    Please provide your suggestions.
    Regards
    Sridhar

    Hi All,
    I solved the above requirement by following the below link.
    HOWTO: Implementing a ViewObject with Multiple Updateable Dependent Entity Objects
    Thanks to AJ
    Regards
    Sridhar

  • Multiple Vulnerabilities in Apple Mac OS X

    Every few months, somebody (with a PC) emails me one of notices.
    I assume Apple does their security updates othen enough to take care of this. Or am I wrong?
    Who makes these notices?
    What should I do when I get one of these notices?
    Here's THe whole EMAIL:
    Multiple Vulnerabilities in Apple Mac OS X
    Multiple Vulnerabilities in Apple Mac OS X. The full text of the document is
    provided below.
    Joint Task Force - Global Network Operations
    U N C L A S S I F I E D
    Joint Task Force - Global Network Operations (JTF-GNO) Information Assurance
    Vulnerability Technical Advisory
    Title: Multiple Vulnerabilities in Apple Mac OS X
    References:
    Security Focus
    http://www.securityfocus.com/bid/22948
    STIG Finding Severity: Category I
    CVE:
    CVE-2005-2959
    CVE-2006-0225
    CVE-2006-0300
    CVE-2006-1516
    CVE-2006-1517
    CVE-2006-2753
    CVE-2006-3081
    CVE-2006-3469
    CVE-2006-4031
    CVE-2006-4226
    CVE-2006-4829
    CVE-2006-4924
    CVE-2006-5051
    CVE-2006-5052
    CVE-2006-5330
    CVE-2006-5679
    CVE-2006-5836
    CVE-2006-6061
    CVE-2006-6062
    CVE-2006-6097
    CVE-2006-6129
    CVE-2006-6130
    CVE-2006-6173
    CVE-2007-0229
    CVE-2007-0236
    CVE-2007-0267
    CVE-2007-0299
    CVE-2007-0318
    CVE-2007-0463
    CVE-2007-0467
    CVE-2007-0588
    CVE-2007-0719
    CVE-2007-0720
    CVE-2007-0721
    CVE-2007-0722
    CVE-2007-0723
    CVE-2007-0724
    CVE-2007-0728
    CVE-2007-0726
    CVE-2007-0730
    CVE-2007-0731
    CVE-2007-0733
    CVE-2007-1071
    Executive Summary:
    There are multiple vulnerabilities affecting Apple Mac Operating System
    (OS) X and various Apple applications running on Mac OS X. Mac OS X is a
    proprietary operating system developed and sold by Apple Computer, Inc.,
    that is included with all currently shipped Apple Macintosh computers.
    Mac OS X Server is architecturally identical to its desktop counterpart and
    usually runs on Apple's line of Macintosh server hardware. It includes
    workgroup management and administration software tools that provide
    simplified access to key network services, including a mail server, a
    directory server, and a domain name server. Apple Mac OS X is Apple's latest
    OS software architecture. These vulnerabilities exist due to unchecked
    buffers, error conditions, and incorrect security settings in the software.
    Successful exploitation of these vulnerabilities may allow a remote attacker
    to execute arbitrary code, access or modify arbitrary data, escalation of
    privileges or cause denial of service conditions.
    Technical Overview:
    There are thirty vulnerabilities affecting Apple Mac Operating System OS X
    and various Apple applications running on Mac OS X addressed in this latest
    release. An attacker could exploit these vulnerabilities by enticing a user
    to use a maliciously crafted website, image, program, or code; or by making
    use of known implementation flaws. Results of an attacker exploiting any of
    these vulnerabilities include the execution of arbitrary code, triggering a
    Denial of Service (DoS), or elevation of user privileges.
    The following specific vulnerabilities affecting Apple Mac OS X:
    ColorSync Profile Vulnerability - CVE-2007-0719 A stack buffer overflow
    exists in the handling of embedded ColorSync profiles. By enticing a user to
    open a maliciously-crafted image, an attacker can trigger the overflow,
    which may lead to an unexpected application termination or arbitrary code
    execution. This update performs additional validation of ColorSync profiles.
    Crash Reporter Vulnerability - CVE-2007-0467 Crash Reporter uses an
    admin-writable system directory to store logs of processes that have been
    unexpectedly terminated. A malicious process running as an admin can cause
    these logs to be written to arbitrary files as root, which could result in
    the execution of commands with elevated privileges. This update performs
    additional validation prior to writing to log files.
    CUPS Vulnerability - CVE-2007-0720
    A partially-negotiated SSL connection with the CUPS service may prevent
    other requests from being served until the connection is closed. Remote
    attackers may cause a denial of service during SSL negotiation This update
    implements timeouts during SSL negotiation.
    Disk Images-Helper Vulnerability - CVE-2007-0721 A memory corruption
    vulnerability exists in diskimages-helper. By enticing a user to open a
    maliciously-crafted compressed disk image, an attacker could trigger this
    issue which may lead to an unexpected application termination or arbitrary
    code execution. Mounting a maliciously-crafted disk image may lead to an
    unexpected application termination or arbitrary code execution. This update
    performs additional validation of disk images.
    AppleSingleEnding Disk Images Vulnerability - CVE-2007-0722 An integer
    overflow vulnerability exists in the handler for AppleSingleEncoding disk
    images. By enticing a local user to open a maliciously-crafted disk image,
    an attacker could trigger the overflow which may lead to an unexpected
    application termination or arbitrary code execution. Mounting a
    maliciously-crafted AppleSingleEncoding disk image may lead to an unexpected
    application termination or arbitrary code execution. This update performs
    additional validation of AppleSingleEncoding disk images.
    Multiple Malicious Disk Image Vulnerabilities - CVE-2006-6061,
    CVE-2006-6062, CVE-2006-5679, CVE-2007-0229, CVE-2007-0267,
    CVE-2007-0299
    Several vulnerabilities exist in the processing of maliciously-crafted disk
    images that may lead to an unexpected termination of system operations or
    arbitrary code execution. Since a disk image may be automatically mounted
    when visiting web sites, this allows a malicious web site to cause a denial
    of service. This update performs additional validation of downloaded disk
    images prior to mounting them.
    Directory Service (DS) Plug-In Vulnerability - CVE-2007-0723 An
    implementation flaw in DirectoryService allows an unprivileged LDAP user to
    change the local root password. The authentication mechanism in
    DirectoryService has been fixed in this release.
    Flash Player Vulnerability - CVE-2006-5330 Adobe Flash Player is updated to
    version 9.0.28.0 to fix a potential vulnerability that could allow HTTP
    request splitting attacks. This is accomplished by playing a
    maliciously-crafted Flash content on a vulnerable system. This issue is
    described as APSB06-18 on the Adobe web site at
    http://www.adobe.com/support/security/
    Multiple GNU Tar Vulnerabilities - CVE-2006-0300, CVE-2006-6097 One GNU TAR
    vulnerability involves a buffer overflow, which allows user-assisted
    attackers to cause a denial of service (application crash) and possibly
    execute arbitrary code via unspecified vectors involving PAX extended
    headers. The second GNU TAR vulnerability allows user-assisted attackers to
    overwrite arbitrary files via a tar file that contains a GNUTYPE_NAMES
    record with a symbolic link. This record is not properly handled by the
    extract_archive function in extract.c and
    extract_mangle function in mangle.c.
    HFS+ Filesystem Vulnerability - CVE-2007-0318
    An HFS+ filesystem in a mounted disk image can be constructed to trigger a
    kernel panic (denial of service) when attempting to remove a file from a
    mounted filesystem. This update performs additional validation of the
    HFS+ filesystem.
    IOKit HID Vulnerability - CVE-2007-0724 Insufficient controls in the IOKit
    HID interface allow any logged in user to capture console keystrokes,
    including passwords and other sensitive information of other users on a
    local system. This update limits HID device events to processes belonging to
    the current console user.
    ImageIO GIF Vulnerability - CVE-2007-1071 An integer overflow vulnerability
    exists in the process of handling GIF files. By enticing a user to open a
    maliciously-crafted image, an attacker can trigger the overflow which may
    lead to an unexpected application termination or arbitrary code execution.
    This issue does not affect systems prior to Mac OS X v10.4.
    ImageIO Raw Images Vulnerability - CVE-2007-0733 A memory corruption issue
    exists in the process of handling RAW images.
    By enticing a user to open a maliciously-crafted RAW image, an attacker can
    trigger the issue which may lead to an unexpected application termination or
    arbitrary code execution. This update performs additional validation of RAW
    images. This issue does not affect systems prior to Mac OS X v10.4.
    Kernel Vulnerability via fpathconf() System Call - CVE-2006-5836 Malicious
    local users may be able to cause a denial of service by using the
    fpathconf() system call on certain file types. The result of this action
    would be a kernel panic (denial of service). This update improves the
    handling for all kernel defined file types.
    Kernel Vulnerability via Universal Mach-O Binaries - CVE-2006-6129 An
    integer overflow vulnerability exists in the loading of maliciously-crafted
    Universal Mach-O binaries. This could allow a malicious local user to cause
    a kernel panic, an arbitrary code execution, or the elevation of system
    privileges. This update performs additional validation of Universal
    binaries.
    Kernel Vulnerability via sharedregion_make_privatenp() System Call -
    CVE-2006-6173
    The sharedregion_make_privatenp() system call allows a maliciously-crafted
    program to request a large allocation of kernel memory. This could allow a
    malicious local user to cause a system hang.
    This issue does not allow an integer overflow to occur, and it cannot lead
    to arbitrary code execution. This update incorporates additional validation
    of the arguments passed to sharedregion_make_privatenp().
    Multiple MySQL Server Vulnerabilities - CVE-2006-1516, CVE-2006-1517,
    CVE-2006-2753, CVE-2006-3081, CVE-2006-4031, CVE-2006-4226,
    CVE-2006-3469
    Multiple vulnerabilities exist in MySQL which could be exploited by
    attackers making use of known system flaws via specially crafted codes.
    In addition to being able to execute arbitrary code, the attacker could also
    exploit these vulnerabilities causing a denial of service or buffer
    over-read; obtaining sensitive information; and creating/accessing a
    database.
    Networking Vulnerability via AppleTalk Protocol Handler - CVE-2006-6130 A
    memory corruption issue exists in the AppleTalk protocol handler. This could
    allow a malicious local user to cause a kernel panic, or gain system
    privileges to execute arbitrary code. This update performs additional
    validation of the input data structures.
    Networking Vulnerability via AppleTalk Requests - CVE-2007-0236 A heap
    buffer overflow vulnerability exists in the AppleTalk protocol handler. By
    sending a maliciously-crafted request, a local user can trigger the overflow
    which may lead to a denial of service or arbitrary code execution. This
    update performs additional validation of the input data.
    OpenSSH Keys Vulnerability - CVE-2007-0726 A remote attacker can destroy
    established trust between SSH hosts by causing SSH Keys to be regenerated.
    SSH keys are created on a server when the first SSH connection is
    established. An attacker connecting to the server before SSH has finished
    creating the keys could force the keys then to be recreated. This could
    result in a denial of service against processes that rely on a trust
    relationship with the server.
    Systems that already have SSH enabled and have rebooted at least once are
    not vulnerable to this issue. This issue is addressed by improving the SSH
    key generation process. This issue is specific to the Apple implementation
    of OpenSSH.
    Multiple OpenSSH Vulnerabilities - CVE-2006-0225, CVE-2006-4924,
    CVE-2006-5051, CVE-2006-5052 Multiple vulnerabilities exist in OpenSSH, to
    include compilation and faulty authentication errors. An attacker could use
    these vulnerabilities in specially crafted codes/commands to cause the
    execution of arbitrary code, or a denial of service.
    USB Printing Vulnerability - CVE-2007-0728 Insecure file operations may
    occur during the initialization of a USB printer. An unprivileged attacker
    with system privileges may leverage this issue to create or overwrite
    arbitrary files on the system. This update improves the printer
    initialization process.
    QuickDraw PICT Image Processing Vulnerability - CVE-2007-0588 A heap buffer
    overflow vulnerability exists in QuickDraw's PICT image processing. By
    enticing a user to open a maliciously-crafted PICT image, an attacker can
    trigger the overflow which may lead to an unexpected application termination
    or arbitrary code execution. This update performs additional validation of
    PICT files.
    servermgrd Authentication Credentials Vulnerability - CVE-2007-0730 An issue
    in Server Manager's validation of authentication credentials could allow a
    remote attacker without valid credentials to alter the system configuration.
    This update addresses the issue by additional validation of authentication
    credentials.
    SMB File Server Vulnerability - CVE-2007-0731 A stack-based buffer overflow
    in the Apple-specific Samba module (SMB File Server) allows a user with
    write access to an SMB share to execute arbitrary code via a long ACLA file
    with an overly-long ACL. This could lead to a denial of service or arbitrary
    code execution. This update performs additional validation of ACLs. This
    issue does not affect systems prior to Mac OS X v10.4.
    Software Update Application Vulnerability - CVE-2007-0463 A format string
    vulnerability exists in the Software Update application.
    By enticing a user to download and open a maliciously-crafted Software
    Update Catalog file, an attacker can trigger the vulnerability which may
    lead to an unexpected application termination or arbitrary code execution.
    This update removes document bindings for Software Update Catalogs. This
    issue does not affect systems prior to Mac OS X v10.4.
    sudo Configuration Vulnerability - CVE-2005-2959 A user-modified sudo
    configuration could allow environment variables to be passed through to the
    program running as a privileged user. If sudo is configured to allow an
    otherwise unprivileged user to execute a given bash script with elevated
    privileges, the user may be able to execute arbitrary code with elevated
    privileges. Systems with the default sudo configuration are not vulnerable
    to this issue. This issue has been addressed by updating sudo to 1.6.8p12.
    Further information is available via the sudo web site at
    http://www.sudo.ws/sudo/current.html
    Blojsom WebLog Vulnerability - CVE-2006-4829 A cross-site scripting
    vulnerability exists in Blojsom. This allows remote attackers to inject
    JavaScript into blog content that will execute in the domain of the Blojsom
    server. This update performs additional validation of the user input. This
    issue does not affect systems prior to Mac OS X v10.4.
    Vulnerable Applications/Systems and Countermeasures:
    Vulnerable applications/systems with fixes available:
    Compliance is RECOMMENDED. Although this notice is a Technical Advisory,
    Systems Administrators should strongly consider implementing these updates.
    Apple Mac OS X 10.3.9
    Apple Mac OS X 10.4.0
    Apple Mac OS X 10.4.1
    Apple Mac OS X 10.4.2
    Apple Mac OS X 10.4.3
    Apple Mac OS X 10.4.4
    Apple Mac OS X 10.4.5
    Apple Mac OS X 10.4.6
    Apple Mac OS X 10.4.7
    Apple Mac OS X 10.4.8
    Apple Mac OS X Server 10.3.9
    Apple Mac OS X Server 10.4.0
    Apple Mac OS X Server 10.4.1
    Apple Mac OS X Server 10.4.2
    Apple Mac OS X Server 10.4.3
    Apple Mac OS X Server 10.4.4
    Apple Mac OS X Server 10.4.5
    Apple Mac OS X Server 10.4.6
    Apple Mac OS X Server 10.4.7
    Apple Mac OS X Server 10.4.8
    Temporary Mitigation Strategies
    None
    Vulnerable applications/systems with no patches available, vendor temporary
    recommended mitigations available:
    Permanent fixes are not available. Temporary mitigations have been provided
    to protect vulnerable systems until permanent patches are available.
    Administrators should consider using the temporary mitigations provided or
    develop local strategies to protect vulnerable systems from attack.
    None
    Vulnerable applications/systems with no patch or temporary recommended
    mitigations:
    There are no patches or temporary mitigations available. Administrators
    should consider developing strategies to protect vulnerable systems based on
    local mission requirements and operational impact. As patches or workarounds
    become available the status will be upgraded to "Fix available" or
    "Mitigation Available".
    None
    Unsupported Software:
    Mac OS X versions prior to 10.3.9

    Who's sending you these emails and why? It sounds like a Windows apologist with an inferiority complex trying to make OS X look bad. The facts are that there are no viruses or malware in the wild at this time actively compromising OS X users. Discovered flaws and vulnerabilities do not immediately translate into active malware on OS X like they do on Windows. Apple releases security updates on a regular basis. The recent OS X 10.4.9 update, for example, provided fixes for some 45 known security issues. OS X is by no means a perfect piece of code but you are infinitely safer on the internet using OS X than you are using any version of Windows, including the new Vista.
    As to who makes these notices there are security researchers and companies whose job it is to find and report security flaws in any operating system or application they choose to inspect. They provide a valuable service to companies like Apple and Microsoft in helping them close holes in their software.
    CVE stands for "Common Vulnerabilities and Exposures" and is a standardized way of cataloging security issues. CVE is supported by CERT (Computer Emergency Response Team) which in turn is supported by the Federal Government and the Department of Homeland Security.
    Here is the web site link...
    http://cve.mitre.org/about/
    The best response when you get one of these emails is to do nothing. Instead, keep your system current and up-to-date with all security updates and OS X updates released by Apple. And above all, don't worry.
    Dual 2.5GHz G5 Power Macintosh   Mac OS X (10.4.9)  

Maybe you are looking for

  • IPhone activation lock problem please help

    My friend has bougth an iPhone 5 with iOS 7 through OLX . OLX is a website like craiglist where people buy there products directly to sellers. iPhone 5 when he bougth was good and was in working condition. He bougth it yesterday.But suddenly in the n

  • Exporting the flash movie with all the associated files linked in?

    Hey guys i have a movie that has a swf player practically on every page playing a number of different videos. When I export it usually and play it on another computer the flash file won't play the videos as they simply are not there! Is there a way I

  • File(windows)---- xi ---- file(unix)

    Hi All, Our scenario is FILE(windows)-> XI -> FILE(unix). Our System is configured on J2SE and we have configured a local adapter engine for this. We have 3 folders at Source End say Source, OK and NOT OK. Our requirment is to move file to OK if the

  • Howto implement temporary changes / rollback in my model?

    First some background information: I'm building a project management tool. It's based on JEE, Struts 2 and uses AJAX. The model exists as a singleton within the application-server. The model is basically an object tree which consists of projects, rel

  • IDOC Server issue using JCo3

    Hi, u201CI am trying to send MATMAS IDOC from SAP to non-SAP system using JCo3. But it is giving error RFC_ERROR_INTERNAL: COMMUNICATION_FAILURE Cannot lock transaction". I checked this error in  TCode SM58 in SAP system. However, I am able to send s