AWS greengrass high security documentation change
Summary
Added release notes for v2.0.1: updated local proxy binary to v3.3.0, fixed concurrency/data integrity bugs, and enforced TLS 1.2+ (disabling SSLv2/3 and TLS 1.0/1.1).
Security assessment
Explicit removal of insecure protocols (SSLv2/3, TLS 1.0/1.1) mitigates known vulnerabilities like POODLE and BEAST. Fixes for 'tunnel data integrity' bugs directly address potential security weaknesses in data transmission.
Diff
diff --git a/greengrass/v2/developerguide/secure-tunneling-component.md b/greengrass/v2/developerguide/secure-tunneling-component.md index de807e61d..b6936c39e 100644 --- a//greengrass/v2/developerguide/secure-tunneling-component.md +++ b//greengrass/v2/developerguide/secure-tunneling-component.md @@ -504,0 +505,10 @@ The following table describes the changes in each version of the component. +2.0.1 | + +Bug fixes and improvements + + + * Updates the bundled local proxy binary to version 3.3.0. + * Fixes concurrency and object-lifetime bugs that could affect tunnel data integrity. + * Requires TLS 1.2 or later and no longer allows SSLv2, SSLv3, TLS 1.0, or TLS 1.1. + +