Transporter availability

Similar Messages

• No BOBJ_Roles after transport available.

  Hello, (hope I get luckier here)
  /people/ingo.hilgefort/blog/2008/09/19/businessobjects-and-sap--configure-sap-authentication
  In this tutorial it is said that you can choose the imported roles you need.
  Before working this tutorial I imported the transport-files for unicode from the transport folder of the integration Kit. All transports were imported properly (as seen at TA STMS).
  But when I get to the screen for the role import (at the CMC) I don't have any roles to choose. (Typing the roles manually won't work later when logging in to InfoView).
  I also can't assign these BOBJ_* roles to a user at TA SU01 or the PFCG (Those BOBJ_* roles aren't available).
  Do I have to import the roles differently or will the roles be imported somewhere else than at STMS?
  Thanks.

  Hello community,
  we have here a system where we face the same problem.
  On the screen for the role import (at the CMC) we don't have any roles to choose.
  Systems releases are: BO XI 3.0 and SAP BW Version 7.
  Now we do research in several documentations. One  of them is called "Business Information Discovery and Delivery with SAP".
  In the doc there are 9 transports mentioned. In our SAP there are only 4 imported. 5 transports are not in. Could that be the reason?
  In are right now (Transaction: STMS)
  R21K900530   JJI            Business Objects Content Administration Workbench 
  R21K900529   JJI            Business Objects BW MDX Driver                    
  R21K900536   JJI            Business Objects Personalization objects          
  R21K900537   JJI            Business Objects ODS driver                       
  Is that enough for starting? If not. Where exactally can we get the missing transports from ? How can I get them so that our SAP basis team can do the transports? How is the process for this?
  The thing that we want to achieve is "Save a crystal report query to SAP BW". Then there is the SAP pop-up where is asked about the roles. There is nothing to choose as there are no roles available?
  Every idea is welcome... Also workarounds.
  BYE Harry

• Automatic Scheduling of Transports

  Hi,
  Is there a way in NWDI for automating the released transports from DEV to QA on a schedule?
  And also control them from QA to Prod?
  -Aarthi

  Hi,
  No, there is no automatic or scheduling of transport available in NWDI,

• JCA transport not visibible in OSB

  I am using OSB 11.1.16 on Win 7
  I do not have a JCA transport available in the drop-down; after a search of forums I saw it stated that you may need this plugin below
  $OSB_home\eclipse\plugins\*com.bea.alsb.transports.jca_1.1.0*
  Where can I find the plug in? or any other ideas of resolving this issue?

  This plugin is not getting installed as part of the regular install which completes without error. Is there anywhere to download this? Why does Oracle have such a convoluted process for simply getting the the IDE working correctly?

• MQ Transport within OSB - Put to remote Q?

  Hi Guys,
  We're working on a project down under that is targeted at an environment that makes heavy use of IBM's MQ transport.
  In developing with the MQ Transport available from Oracle we've found certain limitations in it's use, specifically:
  1) unable to put to a remote queue definition on the local queue manager.
  2) unable to put a message to a queue existing on a remote queue manager which is defined on the local queue manager.
  These examples are connecting to the local queue manager in tcp (client) mode. Putting to local queues on the local queue manager, or clustered queues visible from the local queue manager work fine.
  Surely there is a way the MQ Transport within OSB can facilitate the above 2 scenarios?
  FWIW, we're using Weblogic version 10.3.0.0 and OSB version 10gR3
  Edited by: user12006489 on Dec 20, 2009 4:09 PM
  Edited by: user12006489 on Dec 20, 2009 4:10 PM

  I should further elaborate on my initial question:
  On the local queue manager is a remote queue manager definition to another queue manager. Using the MQ Transport, how can I send a message to a queue that exists on that remote queue manager?
  In the MQ URI string ends up looking something like mq://REMOTE_QMGER/REMOTE_QUEUE, but this format violates the MQ Transport URI field formatting.
  Has anyone had any experience with this?
  Edited by: user12006489 on Dec 20, 2009 4:57 PM

• Transport Directory and queue are out of sync after the restore

  Hi all
  I got a DEV server. Running ECC6 on MAXDB over linux. One user deleted some tables and we restored the database. No file system is restored.
  Now we are having issues with the transports as the tranport directory is the latest and database is having old data about 3 days old data.
  I am not able to see the same objects that we released in the old transports before the restore neither I am able to re-import the transport.
  Please let me know the best way to make this in sync with the file system transports available.
  Thanks
  Shafquat

  Thanks for the response. I think I am not clear in my problem statement.
  We restored the whole database. Nothing at the fie system level is restored. So Trans directory is having up to date work done (Released transports etc) but after the restore the information coming through the database is the old information. Like in SE10 the transport that was released earlier still showing released but showing less number of objects than the one we actually released before the restore. Even if we try to re-import the same transport it ends up in the error.
  Please let me know how we can make file system and database in sync.
  Thanks again for the response.
  Shafquat

• Transport Directory and queue are out of sync

  Hi all
  I got a DEV server. Running ECC6 on MAXDB over linux. One user deleted some tables and we restored the database. No file system is restored.
  Now we are having issues with the transports as the tranport directory is the latest and database is having old data about 3 days old data.
  I am not able to see the same objects that we released in the old transports before the restore neither I am able to re-import the transport.
  Please let me know the best way to make this in sync with the file system transports available.
  Thanks
  Shafquat

  Thanks for the response. I think I am not clear in my problem statement.
  We restored the whole database. Nothing at the fie system level is restored. So Trans directory is having up to date work done (Released transports etc) but after the restore the information coming through the database is the old information. Like in SE10 the transport that was released earlier still showing released but showing less number of objects than the one we actually released before the restore. Even if we try to re-import the same transport it ends up in the error.
  Please let me know how we can make file system and database in sync.
  Thanks again for the response.
  Shafquat

• "Licensing timed out" when creating to Remote Desktop Connection

  Our company have two site (SiteA and SiteB),  both have its own DC (SiteA.xx.local and SiteB.yy.local).  A Windows 2012 Server setup a Terminal Service.  All SiteB user will use remote desktop to connect to the Terminal Server.
  Sometime it will prompted an error "A licensing error occurred while the client was attempting to connect (Licensing timed out).  Please try connecting to the remote computer again."   Before this error message shown, the connection box
  will show the status "Estimating connection quality" for a while (my last test this will stay for 2 min 30 sec. before Licensing timed out prompt). 
  When we face this error,  the only way to solve it is to reboot the Terminal Server.  Once reboot,  everything will be fined,  all user can connect again.   But sometime later (no fixed time period, from two hours - two days), user
  will then have this problem.  But we need to reboot server again.
  I can't found in what situation this error will happened.  But we do experienced the following situation.
  1. Sometime the a RDS Connection just stopped directly.  Then try to reconnect but failed.  In this case,  all other users are still using it.  
  2. I try to unplug a network connection for a client, it show the connection is lost and trying to reconnect.  After I plug the network back.  Cancel the reconnect process.  Then open the remote desktop again it will have the error.
  3. there has two machine will never have this problem (we have this problem for 3 months).  no matter how the connection lost.  it can built up the connection once the connection is back
  I followed some forum to enable the netlogon.log.  On the Server, I found:
  1. [MISC] [872] In control handler (Opcode: 4):  This log must there when the problem happened.
  Not sure if the following log help:
  1. NetpDcGetName: SiteA.xx.local. using cached information ( NlDcCacheEntry = 0x000000DE96694D50 )
  2.DsGetDcName function returns 0 (client PID=2088): Dom:SiteA Acct:(null) Flags: NETBIOS RET_DNS
  3. NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c03ffff1
  4. DsGetDcName function called: client PID=23532, Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS  (I found some log will be Dom:SiteA install of Dom:(null)   )
  5. NlTimeoutApiClientSession: Unbind from server \\SiteA-DC.Stingmars.hk.local (TCP) 0.
  6. NlPrintRpcDebug: Couldn't get EEInfo for I_NetLogonSamLogonEx: 1761 (may be legitimate for 0xc000006e)
  On the Client side:  Not sure if the log can help:
  07/11 11:56:01 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: DS
  07/11 11:56:01 [DNS] NlDnsHasDnsServers: DNS Server is NOT configured on this machine.
  07/11 11:56:01 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
  07/11 11:56:01 [MISC] NetpDcGetName: SiteB using cached information
  07/11 11:56:01 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: DS
  07/11 11:56:01 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: FORCE DS
  07/11 11:56:01 [DNS] NlDnsHasDnsServers: DNS Server is NOT configured on this machine.
  07/11 11:56:01 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
  07/11 11:56:01 [MAILSLOT] Sent 'Sam Logon' message to SiteB[1C] on all transports.
  07/11 11:56:01 [CRITICAL] NlBrowserSendDatagram: No transports available
  07/11 11:56:01 [CRITICAL] NetpDcGetNameNetbios: SiteB: Cannot NlBrowserSendDatagram. (1C) 53
  07/11 11:56:01 [MISC] NetpDcGetName: NetpDcGetNameNetbios returned 1355
  07/11 11:56:01 [CRITICAL] NetpDcGetName: SiteB: IP and Netbios are both done.
  07/11 11:56:01 [MISC] DsGetDcName function returns 1355: Dom:(null) Acct:(null) Flags: FORCE DS
  07/11 11:56:02 [MISC] DsGetDcName function called: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
  07/11 11:56:02 [DNS] NlDnsHasDnsServers: DNS Server is NOT configured on this machine.
  07/11 11:56:02 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
  07/11 11:56:02 [MISC] NetpDcGetName: SiteB using cached information
  07/11 11:56:02 [MISC] DsGetDcName function returns 0: Dom:(null) Acct:(null) Flags: LDAPONLY RET_DNS
  07/11 11:56:03 [SESSION] V6 Winsock Addrs: fe80::bd63:1d49:d8fd:724%12 (1) V6WinsockPnpAddresses List used to be empty.
  07/11 11:56:04 [MISC] NlPingDcNameWithContext: Ping response timeout for SiteB-DC.Stingmars.cn.local.
  07/11 11:56:04 [CRITICAL] NlPingDcNameWithContext: Can't ping the DC SiteB-DC.Stingmars.cn.local.
  07/11 11:56:04 [MISC] NetpDcInitializeContext: DSGETDC_VALID_FLAGS is c01ffff1
  Thanks
  Kenneth Lai

  Hi Kenneth,
  Thank you for posting in Windows Server Forum. 
  Please check the setting and workaround as per below thread.
  RDP connection hangs on "estimating connection quality"
  http://social.technet.microsoft.com/Forums/en-US/18819bef-5c01-4849-9c61-afb7e8c8a581/rdp-connection-hangs-on-estimating-connection-quality?forum=winserverTS
  In addition, also check below details.
  Cause:  If you are using Internet Protocol security (IPsec) to help protect traffic over TCP between clients and terminal servers, then packet fragmentation might occur. As a result, some packets might not reach their destination, and
  client connections to terminal servers might fail.
  Solution:  Configure IPsec to help protect traffic over UDP rather than over TCP.
  Hope it helps!
  Thanks.
  Dharmesh Solanki

• Authentication in ALSB while proxying FTP, MQ

  We are using ALSB for first time to proxy external messages we receive from our business partners over different protocols e.g.FTP, MQ, SOAP over HTTP. Thus we would have Proxy services configured receiving messages, one for each transport protocol, all of which place the raw message on JMS queue after the messages are authenticated and checked for data integrity.
  ALSB/WLS provides good support for authenticating SOAP over HTTP via WS-Security. However, when we receive messages over FTP or MQ, we are not very sure how do we authenticate the message sender? We can assume that the messages would contain some credentails like username/password or X509 certificate using which we will have to manually authenticate the sender.
  Any guidance on what API to use and if we would have to write any custom Identity Assertion, Authentication Provider etc for the same.
  As per my understanding, we would have to make a Javacallout from our proxy, which could make a call to weblogic.security.Authentication.login(simpleCallbackHandler) which would authenticate the user with username/password or call weblogic.security.Authantication.assertIdentity(X509Certificate) if message contains a certificate.
  Does this seem like a reasonable plan or am I missing something here?security

  For FTP security you should use the new SFTP transport available in ALSB 2.6 RP1 that leverages SSH as communication protocol.
  For MQ transport SSL is provided out of the box.
  Gregory Haardt
  ALSB Prg. Manager
  [email protected]

• Yahoo Jabber Gateway?

  Hi there Chatterers...
  Can anyone shed some light on this please?
  When I try to chat to a mate who is on Yahoo Messenger I get the little 'think bubble' come up to say he is typing. But when he sends the message it doesn't arrive!
  I know the Gateway is working fine 'cos when I use Psi i tworks fine...
  Troubled,
  Pete.

  Pete, I have a number of Yahoo buddies. They are all on Windows machines as well (but thats another issue). Anyway, I use jabber.org.au. I have an account with them, and they have both MSN and Yahoo transports available.
  I do not get the MSN icons to come through, but it has been very stable lately. Just note that when you register with the Yahoo transport it does not automatically find your Yahoo contacts and you have to add them yourself (use Psi). At least that was the case when I set mine up. They also have a very good "how to" on their site about using Jabber through ichat.

• Three-Way Pegging

  Please explain me what is Three-Way Pegging ?

  Three-Way Pegging is used to plan and schedule bulk shipments based on supply and demand information. The term three-way refers to demand items (stock requirements or customer requests), supply avails (what is produced, purchased, or in stock), and transportation avails (vehicles, vessels, or pipelines available to complete the shipment).
  The term pegging refers to the matching of demand items to supply avails and transportation avails for the purpose of scheduling of bulk shipments, such as marine voyages or pipeline batches. You plan and schedule bulk shipments, by assigning the pegged items to the Distribution Schedule in Three-Way Pegging. From the  Distribution Schedule you can create carrier nominations, as well as continuously update the schedule.

• Synchronous RFC Response Not getting Mapped

  Hi,
  I am making an RFC call from XI to SAP R/3 system.
  Scenario: File -> XI -> RFC (SAP R/3)
  The request message is picked from the File Adapter, routed through XI, and an RFC call is made on the SAP R/3. The RFC Response has to be obtained in XI, transformed and persisted using the FileAdapter.
  I have created the request and response message types and message interface in the repository. The message interface is denoted as Outbound Synchronous. The Request and Response mappings have also been made against the RFC message structure.
  I also created the business process in the repository showing the interface as Synchronous between the two actions.
  However, in the Integration Builder, when I import and configure the Business Process, the wizard does not show me the response message type or the response mappings.
  After completing the configuration, the final configuration is still one-way, and only shows the request scenario.
  I am unable to configure the response scenario in the Integration Builder.
  During runtime, the request does get invoked and the RFC gets called from XI. However, the response is lost.
  What do I need to configure to capture the RFC response into XI ?
  thanks,
  Manish

  I would guess that synchronous response is the collaboration agreement between business systems, and not related to the transports available between them.
  My scenario is as follows:
  BusinessSystem1 -> XI -> SAP R/3
  The inbound document is being sent by the FileAdapter where the SenderService is BusinessSystem1.
  I have also configured another file adapter as a receiver, and this has been configured as a channel for the BusinessSystem1.
  Even in this scenario, I am unable to configure the response in the Integration Directory.
  I am able to configure the response structures and mappings in the Integration Repository.
  Any help appreciated.
  thanks,
  Manish

• Authentication in ALSB

  hi All,
  I have configured my proxy for custom authorization. Added policy in the access control of security.
  Functionaly vise i am getting the result as desired.
  But if an unauthorised user id tries to publish the message to my proxy error is generated at console level, I am not able to extract the error to an JMS error queue.
  Is there any work around for this?

  For FTP security you should use the new SFTP transport available in ALSB 2.6 RP1 that leverages SSH as communication protocol.
  For MQ transport SSL is provided out of the box.
  Gregory Haardt
  ALSB Prg. Manager
  [email protected]

• Finding the 3rd party object in upgrade

  Hi guys,
  We have a third part package AIP integrated in R/3, the tranaction code starts with /COCKPIT/* now we are going for a upgarde, this is not supported by SAP
  1. Find the standard 3rd party objects modification is not available in SPAU sincce it is not supported by SAP, So please let me know is there any way to find the standard 3rd party objects changes?
  I can get filter the objects based on the transports available in table E071 but any other ways???
  regards,
  Prabhu

  Yes, it's free and inclusive with every AE install.
  Mylenium

• CVE-2015-1130 - Protection on Mountain Lion

  So Apple has been alerted to a serious OSX security flaw that so far they have only fixed in Yosemite.
  About the security content of OS X Yosemite v10.10.3 and Security Update 2015-004 - Apple Support
  What can we do to protect our usage on Mountain Lion when apple haven't fixed known security problems?
  I can't update to Yosemite. Far too many driver, application and music productions related issues. Sure Gatekeeper asks if we want to Open untrusted applications, but I've certainly got a number of applications that are not digitally signed and necessary for what I do.

  jspokes wrote:
  That's interesting. Can you point us to any links To the CVEs?
  For whatever reason this isn't available from the Apple Product Security archives:
  APPLE-SA-2014-10-16-1 OS X Yosemite v10.10
  OS X Yosemite v10.10 is now available and addresses the following:
  802.1X
  Impact:  An attacker can obtain WiFi credentials
  Description:  An attacker could have impersonated a WiFi access
  point, offered to authenticate with LEAP, broken the MS-CHAPv1 hash,
  and used the derived credentials to authenticate to the intended
  access point even if that access point supported stronger
  authentication methods. This issue was addressed by disabling LEAP by
  default.
  CVE-ID
  CVE-2014-4364 : Pieter Robyns, Bram Bonne, Peter Quax, and Wim
  Lamotte of Universiteit Hasselt
  AFP File Server
  Impact:  A remote attacker could determine all the network addresses
  of the system
  Description:  The AFP file server supported a command which returned
  all the network addresses of the system. This issue was addressed by
  removing the addresses from the result.
  CVE-ID
  CVE-2014-4426 : Craig Young of Tripwire VERT
  apache
  Impact:  Multiple vulnerabilities in Apache
  Description:  Multiple vulnerabilities existed in Apache, the most
  serious of which may lead to a denial of service. These issues were
  addressed by updating Apache to version 2.4.9.
  CVE-ID
  CVE-2013-6438
  CVE-2014-0098
  App Sandbox
  Impact:  An application confined by sandbox restrictions may misuse
  the accessibility API
  Description:  A sandboxed application could misuse the accessibility
  API without the user's knowledge. This has been addressed by
  requiring administrator approval to use the accessibility API on an
  per-application basis.
  CVE-ID
  CVE-2014-4427 : Paul S. Ziegler of Reflare UG
  Bash
  Impact:  In certain configurations, a remote attacker may be able to
  execute arbitrary shell commands
  Description:  An issue existed in Bash's parsing of environment
  variables. This issue was addressed through improved environment
  variable parsing by better detecting the end of the function
  statement. This update also incorporated the suggested CVE-2014-7169
  change, which resets the parser state. In addition, this update
  added a new namespace for exported functions by creating a function
  decorator to prevent unintended header passthrough to Bash. The names
  of all environment variables that introduce function definitions are
  required to have a prefix "__BASH_FUNC<" and suffix ">()" to prevent
  unintended function passing via HTTP headers.
  CVE-ID
  CVE-2014-6271 : Stephane Chazelas
  CVE-2014-7169 : Tavis Ormandy
  Bluetooth
  Impact:  A malicious Bluetooth input device may bypass pairing
  Description:  Unencrypted connections were permitted from Human
  Interface Device-class Bluetooth Low Energy devices. If a Mac had
  paired with such a device, an attacker could spoof the legitimate
  device to establish a connection. The issue was addressed by denying
  unencrypted HID connections.
  CVE-ID
  CVE-2014-4428 : Mike Ryan of iSEC Partners
  CFPreferences
  Impact:  The 'require password after sleep or screen saver begins'
  preference may not be respected until after a reboot
  Description:  A session management issue existed in the handling of
  system preference settings. This issue was addressed through improved
  session tracking.
  CVE-ID
  CVE-2014-4425
  Certificate Trust Policy
  Impact:  Update to the certificate trust policy
  Description:  The certificate trust policy was updated. The complete
  list of certificates may be viewed at
  http://support.apple.com/kb/HT6005.
  CoreStorage
  Impact:  An encrypted volume may stay unlocked when ejected
  Description:  When an encrypted volume was logically ejected while
  mounted, the volume was unmounted but the keys were retained, so it
  could have been mounted again without the password. This issue was
  addressed by erasing the keys on eject.
  CVE-ID
  CVE-2014-4430 : Benjamin King at See Ben Click Computer Services LLC,
  Karsten Iwen, Dustin Li (http://dustin.li/), Ken J. Takekoshi, and
  other anonymous researchers
  CUPS
  Impact:  A local user can execute arbitrary code with system
  privileges
  Description:  When the CUPS web interface served files, it would
  follow symlinks. A local user could create symlinks to arbitrary
  files and retrieve them through the web interface. This issue was
  addressed by disallowing symlinks to be served via the CUPS web
  interface.
  CVE-ID
  CVE-2014-3537
  Dock
  Impact:  In some circumstances, windows may be visible even when the
  screen is locked
  Description:  A state management issue existed in the handling of the
  screen lock. This issue was addressed through improved state
  tracking.
  CVE-ID
  CVE-2014-4431 : Emil Sjolander of Umea University
  fdesetup
  Impact:  The fdesetup command may provide misleading status for the
  state of encryption on disk
  Description:  After updating settings, but before rebooting, the
  fdesetup command provided misleading status. This issue was addressed
  through improved status reporting.
  CVE-ID
  CVE-2014-4432
  iCloud Find My Mac
  Impact:  iCloud Lost mode PIN may be bruteforced
  Description:  A state persistence issue in rate limiting allowed
  brute force attacks on iCloud Lost mode PIN. This issue was addressed
  through improved state persistence across reboots.
  CVE-ID
  CVE-2014-4435 : knoy
  IOAcceleratorFamily
  Impact:  An application may cause a denial of service
  Description:  A NULL pointer dereference was present in the
  IntelAccelerator driver. The issue was addressed through improved
  error handling.
  CVE-ID
  CVE-2014-4373 : cunzhang from Adlab of Venustech
  IOHIDFamily
  Impact:  A malicious application may be able to execute arbitrary
  code with system privileges
  Description:  A null pointer dereference existed in IOHIDFamily's
  handling of key-mapping properties. This issue was addressed through
  improved validation of IOHIDFamily key-mapping properties.
  CVE-ID
  CVE-2014-4405 : Ian Beer of Google Project Zero
  IOHIDFamily
  Impact:  A malicious application may be able to execute arbitrary
  code with system privileges
  Description:  A heap buffer overflow existed in IOHIDFamily's
  handling of key-mapping properties. This issue was addressed through
  improved bounds checking.
  CVE-ID
  CVE-2014-4404 : Ian Beer of Google Project Zero
  IOHIDFamily
  Impact:  An application may cause a denial of service
  Description:  A out-of-bounds memory read was present in the
  IOHIDFamily driver. The issue was addressed through improved input
  validation.
  CVE-ID
  CVE-2014-4436 : cunzhang from Adlab of Venustech
  IOHIDFamily
  Impact:  A user may be able to execute arbitrary code with system
  privileges
  Description:  An out-of-bounds write issue exited in the IOHIDFamily
  driver. The issue was addressed through improved input validation.
  CVE-ID
  CVE-2014-4380 : cunzhang from Adlab of Venustech
  IOKit
  Impact:  A malicious application may be able to read uninitialized
  data from kernel memory
  Description:  An uninitialized memory access issue existed in the
  handling of IOKit functions. This issue was addressed through
  improved memory initialization.
  CVE-ID
  CVE-2014-4407 : @PanguTeam
  IOKit
  Impact:  A malicious application may be able to execute arbitrary
  code with system privileges
  Description:  A validation issue existed in the handling of certain
  metadata fields of IODataQueue objects. This issue was addressed
  through improved validation of metadata.
  CVE-ID
  CVE-2014-4388 : @PanguTeam
  IOKit
  Impact:  A malicious application may be able to execute arbitrary
  code with system privileges
  Description:  A validation issue existed in the handling of certain
  metadata fields of IODataQueue objects. This issue was addressed
  through improved validation of metadata.
  CVE-ID
  CVE-2014-4418 : Ian Beer of Google Project Zero
  Kernel
  Impact:  A local user may be able to determine kernel memory layout
  Description:  Multiple uninitialized memory issues existed in the
  network statistics interface, which led to the disclosure of kernel
  memory content. This issue was addressed through additional memory
  initialization.
  CVE-ID
  CVE-2014-4371 : Fermin J. Serna of the Google Security Team
  CVE-2014-4419 : Fermin J. Serna of the Google Security Team
  CVE-2014-4420 : Fermin J. Serna of the Google Security Team
  CVE-2014-4421 : Fermin J. Serna of the Google Security Team
  Kernel
  Impact:  A maliciously crafted file system may cause unexpected
  system shutdown or arbitrary code execution
  Description:  A heap-based buffer overflow issue existed in the
  handling of HFS resource forks. A maliciously crafted filesystem may
  cause an unexpected system shutdown or arbitrary code execution with
  kernel privileges. The issue was addressed through improved bounds
  checking.
  CVE-ID
  CVE-2014-4433 : Maksymilian Arciemowicz
  Kernel
  Impact:  A malicious file system may cause unexpected system shutdown
  Description:  A NULL dereference issue existed in the handling of HFS
  filenames. A maliciously crafted filesystem may cause an unexpected
  system shutdown. This issue was addressed by avoiding the NULL
  dereference.
  CVE-ID
  CVE-2014-4434 : Maksymilian Arciemowicz
  Kernel
  Impact:  A local user may be able to cause an unexpected system
  termination or arbitrary code execution in the kernel
  Description:  A double free issue existed in the handling of Mach
  ports. This issue was addressed through improved validation of Mach
  ports.
  CVE-ID
  CVE-2014-4375 : an anonymous researcher
  Kernel
  Impact:  A person with a privileged network position may cause a
  denial of service
  Description:  A race condition issue existed in the handling of IPv6
  packets. This issue was addressed through improved lock state
  checking.
  CVE-ID
  CVE-2011-2391 : Marc Heuse
  Kernel
  Impact:  A local user may be able to cause an unexpected system
  termination or arbitrary code execution in the kernel
  Description:  An out-of-bounds read issue existed in rt_setgate. This
  may lead to memory disclosure or memory corruption. This issue was
  addressed through improved bounds checking.
  CVE-ID
  CVE-2014-4408
  Kernel
  Impact:  A local user can cause an unexpected system termination
  Description:  A reachable panic existed in the handling of messages
  sent to system control sockets. This issue was addressed through
  additional validation of messages.
  CVE-ID
  CVE-2014-4442 : Darius Davis of VMware
  Kernel
  Impact:  Some kernel hardening measures may be bypassed
  Description:  The random number generator used for kernel hardening
  measures early in the boot process was not cryptographically secure.
  Some of its output was inferable from user space, allowing bypass of
  the hardening measures. This issue was addressed by using a
  cryptographically secure algorithm.
  CVE-ID
  CVE-2014-4422 : Tarjei Mandt of Azimuth Security
  LaunchServices
  Impact:  A local application may bypass sandbox restrictions
  Description:  The LaunchServices interface for setting content type
  handlers allowed sandboxed applications to specify handlers for
  existing content types. A compromised application could use this to
  bypass sandbox restrictions. The issue was addressed by restricting
  sandboxed applications from specifying content type handlers.
  CVE-ID
  CVE-2014-4437 : Meder Kydyraliev of the Google Security Team
  LoginWindow
  Impact:  Sometimes the screen might not lock
  Description:  A race condition existed in LoginWindow, which would
  sometimes prevent the screen from locking. The issue was addressed by
  changing the order of operations.
  CVE-ID
  CVE-2014-4438 : Harry Sintonen of nSense, Alessandro Lobina of
  Helvetia Insurances, Patryk Szlagowski of Funky Monkey Labs
  Mail
  Impact:  Mail may send email to unintended recipients
  Description:  A user interface inconsistency in Mail application
  resulted in email being sent to addresses that were removed from the
  list of recipients. The issue was addressed through improved user
  interface consistency checks.
  CVE-ID
  CVE-2014-4439 : Patrick J Power of Melbourne, Australia
  MCX Desktop Config Profiles
  Impact:  When mobile configuration profiles were uninstalled, their
  settings were not removed
  Description:  Web proxy settings installed by a mobile configuration
  profile were not removed when the profile was uninstalled. This issue
  was addressed through improved handling of profile uninstallation.
  CVE-ID
  CVE-2014-4440 : Kevin Koster of Cloudpath Networks
  NetFS Client Framework
  Impact:  File Sharing may enter a state in which it cannot be
  disabled
  Description:  A state management issue existed in the File Sharing
  framework. This issue was addressed through improved state
  management.
  CVE-ID
  CVE-2014-4441 : Eduardo Bonsi of BEARTCOMMUNICATIONS
  QuickTime
  Impact:  Playing a maliciously crafted m4a file may lead to an
  unexpected application termination or arbitrary code execution
  Description:  A buffer overflow existed in the handling of audio
  samples. This issue was addressed through improved bounds checking.
  CVE-ID
  CVE-2014-4351 : Karl Smith of NCC Group
  Safari
  Impact:  History of pages recently visited in an open tab may remain
  after clearing of history
  Description:  Clearing Safari's history did not clear the
  back/forward history for open tabs. This issue was addressed by
  clearing the back/forward history.
  CVE-ID
  CVE-2013-5150
  Safari
  Impact:  Opting in to push notifications from a maliciously crafted
  website may cause future Safari Push Notifications to be missed
  Description:  An uncaught exception issue existed in
  SafariNotificationAgent's handling of Safari Push Notifications. This
  issue was addressed through improved handling of Safari Push
  Notifications.
  CVE-ID
  CVE-2014-4417 : Marek Isalski of Faelix Limited
  Secure Transport
  Impact:  An attacker may be able to decrypt data protected by SSL
  Description:  There are known attacks on the confidentiality of SSL
  3.0 when a cipher suite uses a block cipher in CBC mode. An attacker
  could force the use of SSL 3.0, even when the server would support a
  better TLS version, by blocking TLS 1.0 and higher connection
  attempts. This issue was addressed by disabling CBC cipher suites
  when TLS connection attempts fail.
  CVE-ID
  CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of
  Google Security Team
  Security
  Impact:  A remote attacker may be able to cause a denial of service
  Description:  A null dereference existed in the handling of ASN.1
  data. This issue was addressed through additional validation of ASN.1
  data.
  CVE-ID
  CVE-2014-4443 : Coverity
  Security
  Impact:  A local user might have access to another user's Kerberos
  tickets
  Description:  A state management issue existed in SecurityAgent.
  While Fast User Switching, sometimes a Kerberos ticket for the
  switched-to user would be placed in the cache for the previous user.
  This issue was addressed through improved state management.
  CVE-ID
  CVE-2014-4444 : Gary Simon of Sandia National Laboratories, Ragnar
  Sundblad of KTH Royal Institute of Technology, Eugene Homyakov of
  Kaspersky Lab
  Security - Code Signing
  Impact:  Tampered applications may not be prevented from launching
  Description:  Apps signed on OS X prior to OS X Mavericks 10.9 or
  apps using custom resource rules, may have been susceptible to
  tampering that would not have invalidated the signature. On systems
  set to allow only apps from the Mac App Store and identified
  developers, a downloaded modified app could have been allowed to run
  as though it were legitimate. This issue was addressed by ignoring
  signatures of bundles with resource envelopes that omit resources
  that may influence execution. OS X Mavericks v10.9.5 and Security
  Update 2014-004 for OS X Mountain Lion v10.8.5 already contain these
  changes.
  CVE-ID
  CVE-2014-4391 : Christopher Hickstein working with HP's Zero Day
  Initiative
  Note: OS X Yosemite includes Safari 8.0, which incorporates
  the security content of Safari 7.1. For further details see
  "About the security content of Safari 7.1" at
  https://support.apple.com/kb/HT6440.
  Now compare that to the Security Update for Mountain Lion and Mavericks that came out the same day:
  APPLE-SA-2014-10-16-2 Security Update 2014-005
  Security Update 2014-005 is now available and addresses the
  following:
  Secure Transport
  Available for:  OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5
  Impact:  An attacker may be able to decrypt data protected by SSL
  Description:  There are known attacks on the confidentiality of SSL
  3.0 when a cipher suite uses a block cipher in CBC mode. An attacker
  could force the use of SSL 3.0, even when the server would support a
  better TLS version, by blocking TLS 1.0 and higher connection
  attempts. This issue was addressed by disabling CBC cipher suites
  when TLS connection attempts fail.
  CVE-ID
  CVE-2014-3566 : Bodo Moeller, Thai Duong, and Krzysztof Kotowicz of
  Google Security Team