The following defect(s) have been fixed in this cumulative patch for the Wind River postgresql:
WIND00236083 Security Advisory - PostgreSQL - CVE-2010-3433
WIND00254779 Security Advisory - PostgreSQL - CVE-2010-4015
-------------------------------------------------------------------------------------------------------------------------------------------------
Change List:
/layers/wrll-userspace/cgl/dist/postgresql/Makefile
/layers/wrll-userspace/cgl/dist/postgresql/patches/postgresql-8.3.1-fix-CVE-2010-3433.patch
/layers/wrll-userspace/cgl/dist/postgresql/patches/postgresql-fix-CVE-2010-4015.patch
/layers/wrll-userspace/cgl/dist/postgresql/postgresql.spec
1. Unzip this patch under [install_dir]/updates.
2. From the [install_dir]/updates directory, run the command "../maintenance/wrInstaller/x86-linux2/wrInstaller".
3. Follow the instructions for installing the point patch.
4. This is a source only patch so you will have to rebuild the
postgresql package. This can be done by executing the command "make
-C build postgresql.distclean" followed by "make -C build
postgresql.rebuild"
5. Run "make fs" next
6. Upload the kernel and rootfs into the target and boot it up.
DATE: 2 Mar 2011
REVISION: Add file WRL_4_0-layers-wrll_userspace_cgl-tgt-postgresql-20110224-spin1.zip and includes fix to defect WIND00254779
DATE: 12 Nov 2010
REVISION: Add file WRL_4_0-layers-wrll_userspace_cgl-tgt-postgresql-20101109-spin1.zip and includes fix to defect WIND00236083