AWS AmazonRDS documentation change
Summary
Added notes specifying limited cryptographic algorithm support (SHA256/SHA384/SHA512 for checksums, AES192/AES256 for encryption) for Oracle Database 26ai
Security assessment
Documents cryptographic restrictions for new Oracle version but doesn't indicate a vulnerability fix. Adds security feature documentation by specifying approved algorithms.
Diff
diff --git a/AmazonRDS/latest/UserGuide/Oracle.Options.NNE.Options.md b/AmazonRDS/latest/UserGuide/Oracle.Options.NNE.Options.md index 507a5b01c..0fef2aa72 100644 --- a//AmazonRDS/latest/UserGuide/Oracle.Options.NNE.Options.md +++ b//AmazonRDS/latest/UserGuide/Oracle.Options.NNE.Options.md @@ -16,0 +17,11 @@ When you use commas to separate values for an option setting, don't put a space +###### Note + +For Oracle Database 26ai, Amazon RDS supports a limited set of algorithms for the following option settings: + + * For `SQLNET.CRYPTO_CHECKSUM_TYPES_CLIENT` and `SQLNET.CRYPTO_CHECKSUM_TYPES_SERVER`, only `SHA256`, `SHA384`, and `SHA512` are supported. + + * For `SQLNET.ENCRYPTION_TYPES_CLIENT` and `SQLNET.ENCRYPTION_TYPES_SERVER`, only `AES256` and `AES192` are supported. + + + + @@ -42,0 +54,4 @@ If the setting is `TRUE`, clients can connect when they use the preceding non-se + +###### Note + +For Oracle Database 26ai, only `SHA256`, `SHA384`, and `SHA512` are supported. @@ -43,0 +59,4 @@ If the setting is `TRUE`, clients can connect when they use the preceding non-se + +###### Note + +For Oracle Database 26ai, only `SHA256`, `SHA384`, and `SHA512` are supported. @@ -64,0 +84,4 @@ You can specify either one value or a comma-separated list of values. If you use + +###### Note + +For Oracle Database 26ai, only `AES256` and `AES192` are supported. @@ -80,0 +104,4 @@ You can specify either one value or a comma-separated list of values. If you use +###### Note + +For Oracle Database 26ai, only `AES256` and `AES192` are supported. +