This update fixes a high-exposure security vulnerability in PostgreSQL versions 9.0 and later.
Note: Your environment is not at risk; however we strongly encourage you to upgrade because this release contains several security patches and fixes. By default, Engine Yard does not open database ports to the outside world; only instances inside the same environment can use them and your application environment is locked down using AWS Security Groups.
For customers on 9.0.x: The 9.0 builds of PostgreSQL were offered exclusively through a Limited Access (alpha) program. The upgrade process for these hosts requires additional steps. You will be receiving a separate communication on this shortly. We recommend waiting until you receive this communication before proceeding with this update.
This security update contains the following sections:
You can verify the PostgreSQL version by going to the Environment page, More Options section, then click Edit Environment. Scroll down to see the version of PostgreSQL. You need to know if it is 9.2.x, or 9.1.x, or 9.0.x. Or you can [select version();] from your PostgreSQL shell.
Note: Check each app environment if you have multiple versions of PostgreSQL running in various environments.
How long will it take to back up my database?
That's entirely dependent upon the size and contents of your database. If you test using production data in a staging environment first, and you have verified the results in staging, then you can skip the backup step for the production environment.
For more information about ...
PostgreSQL 9.2.4, 9.1.9, 9.0.13 and 8.4.17 released - announcement.