AWS AmazonRDS high security documentation change
Summary
Updated SSL version from 1.0 to 1.2 in example commands.
Security assessment
Changing SSL version from insecure 1.0 to secure 1.2 addresses TLS protocol vulnerabilities (CVE-2014-3566 POODLE). Concrete evidence: Value changed from 1.0 to 1.2.
Diff
diff --git a/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.SSL.OptionGroup.md b/AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.SSL.OptionGroup.md index 22ae3a475..6651b1f57 100644 --- a//AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.SSL.OptionGroup.md +++ b//AmazonRDS/latest/UserGuide/Appendix.Oracle.Options.SSL.OptionGroup.md @@ -55 +55 @@ For Linux, macOS, or Unix: - --options 'OptionName=SSL,Port=2484,VpcSecurityGroupMemberships="sg-68184619",OptionSettings=[{Name=SQLNET.SSL_VERSION,Value=1.0}]' + --options 'OptionName=SSL,Port=2484,VpcSecurityGroupMemberships="sg-68184619",OptionSettings=[{Name=SQLNET.SSL_VERSION,Value=1.2}]' @@ -60 +60 @@ For Windows: - --options 'OptionName=SSL,Port=2484,VpcSecurityGroupMemberships="sg-68184619",OptionSettings=[{Name=SQLNET.SSL_VERSION,Value=1.0}]' + --options 'OptionName=SSL,Port=2484,VpcSecurityGroupMemberships="sg-68184619",OptionSettings=[{Name=SQLNET.SSL_VERSION,Value=1.2}]'