AWS greengrass medium security documentation change
Summary
Updated component version range from 2.2.2-2.2.4 to 2.2.2-2.2.5 and added release notes for version 2.2.5 mentioning a fix for secret fetching from AWS Cloud when not in local cache
Security assessment
The change addresses a bug where secrets might not be properly retrieved from the cloud, which could lead to security risks from using stale or missing secrets. The explicit mention of fixing secret retrieval qualifies as a security-related fix.
Diff
diff --git a/greengrass/v2/developerguide/secret-manager-component.md b/greengrass/v2/developerguide/secret-manager-component.md index 444d61eda..3e9426242 100644 --- a//greengrass/v2/developerguide/secret-manager-component.md +++ b//greengrass/v2/developerguide/secret-manager-component.md @@ -118 +118 @@ When you deploy a component, AWS IoT Greengrass also deploys compatible versions -2.2.2 – 2.2.4 +2.2.2 – 2.2.5 @@ -121 +121 @@ When you deploy a component, AWS IoT Greengrass also deploys compatible versions -The following table lists the dependencies for versions 2.2.2 through 2.2.4 of this component. +The following table lists the dependencies for versions 2.2.2 through 2.2.5 of this component. @@ -351,0 +352,4 @@ The following table describes the changes in each version of the component. +2.2.5 | + +Bug fixes and improvements + Fixes an issue where a secret doesn't get fetched from the AWS Cloud if it isn't present in the local cache.