AWS AmazonElastiCache documentation change
Summary
Updated terminology from 'self-designed clusters' to 'node-based clusters' in CVE documentation and service update references
Security assessment
The changes involve terminology updates (self-designed → node-based clusters) and do not introduce or address specific security vulnerabilities. The core security guidance (upgrading versions, applying patches) remains unchanged. No evidence of a new vulnerability being documented or patched.
Diff
diff --git a/AmazonElastiCache/latest/dg/cve.md b/AmazonElastiCache/latest/dg/cve.md index f7b8a08cd..2bb928893 100644 --- a//AmazonElastiCache/latest/dg/cve.md +++ b//AmazonElastiCache/latest/dg/cve.md @@ -9 +9 @@ Common Vulnerabilities and Exposures (CVE) is a list of entries for publicly kno -We recommend that you always upgrade to the latest ElastiCache Valkey, Redis OSS or ElastiCache Memcached versions to be protected against known vulnerabilities. When operating an ElastiCache Serverless Cache, CVE fixes are automatically applied to your cache. When operating self-designed clusters with Valkey or Redis OSS, ElastiCache exposes the PATCH component. For example, when using ElastiCache for Redis OSS version 6.2.6, the major version is 6, the minor version is 2, and the patch version is 6. PATCH versions are for backwards-compatible bug fixes, security fixes, and non-functional changes. +We recommend that you always upgrade to the latest ElastiCache Valkey, Redis OSS or ElastiCache Memcached versions to be protected against known vulnerabilities. When operating an ElastiCache Serverless Cache, CVE fixes are automatically applied to your cache. When operating node-based clusters with Valkey or Redis OSS, ElastiCache exposes the PATCH component. For example, when using ElastiCache for Redis OSS version 6.2.6, the major version is 6, the minor version is 2, and the patch version is 6. PATCH versions are for backwards-compatible bug fixes, security fixes, and non-functional changes. @@ -11 +11 @@ We recommend that you always upgrade to the latest ElastiCache Valkey, Redis OSS -You can use the following table to verify whether a particular version of ElastiCache Valkey and Redis OSS has a fix for a specific security vulnerability. If your ElastiCache Valkey or Redis OSS cluster is running a version without the security fix, refer to the table below and take action. You can either upgrade to a more recent ElastiCache Valkey or Redis OSS version containing the fix, or if you are on a version containing the fix, ensure you have the latest service update applied by referring to [Managing service updates for self-designed clusters](./Self-Service-Updates.html#managing-updates). For more information on the supported ElastiCache engine versions and how to upgrade, see [Engine versions and upgrading in ElastiCache](./engine-versions.html). +You can use the following table to verify whether a particular version of ElastiCache Valkey and Redis OSS has a fix for a specific security vulnerability. If your ElastiCache Valkey or Redis OSS cluster is running a version without the security fix, refer to the table below and take action. You can either upgrade to a more recent ElastiCache Valkey or Redis OSS version containing the fix, or if you are on a version containing the fix, ensure you have the latest service update applied by referring to [Managing service updates for node-based clusters](./Self-Service-Updates.html#managing-updates). For more information on the supported ElastiCache engine versions and how to upgrade, see [Engine versions and upgrading in ElastiCache](./engine-versions.html). @@ -17 +17 @@ You can use the following table to verify whether a particular version of Elasti - * An asterisk (*) in the following table indicates you must have the latest service update applied for the ElastiCache for Redis OSS Cluster running the ElastiCache for Redis OSS Version specified in order to address the security vulnerability. For more information on how to verify you have the latest service update applied for the ElastiCache for Redis OSS version your cluster is running on, see [Managing service updates for self-designed clusters](./Self-Service-Updates.html#managing-updates). + * An asterisk (*) in the following table indicates you must have the latest service update applied for the ElastiCache for Redis OSS Cluster running the ElastiCache for Redis OSS Version specified in order to address the security vulnerability. For more information on how to verify you have the latest service update applied for the ElastiCache for Redis OSS version your cluster is running on, see [Managing service updates for node-based clusters](./Self-Service-Updates.html#managing-updates).