mirror of
https://github.com/pgsty/minio.git
synced 2026-04-28 11:46:21 +02:00
f48dbe777d
Update the STS, security, select, and Docker documentation to reflect the recent hardening work, including LDAP STS throttling details, OIDC JWT verification changes, and the new pgsty-specific security policy and advisory index. Rewrite repository and raw-document links that still pointed at minio/minio so the docs consistently reference pgsty/minio instead. The core idea is to keep the documentation aligned with the fork's actual security behavior, ownership, and upgrade guidance without mixing in unrelated code changes.
1.1 KiB
1.1 KiB
Security Policy
This repository is the pgsty/minio community fork of minio/minio. Upstream MinIO security contacts do not handle fork-specific fixes or release notes for this repository.
Supported Versions
Security fixes are tracked on the active master branch and summarized in docs/security/advisories.md.
Reporting a Vulnerability
For vulnerabilities in this fork:
- Follow the fork-specific expectations in VULNERABILITY_REPORT.md.
- Prefer the
pgsty/miniorepository's GitHub security reporting workflow when it is available. - If private reporting is not available, contact the maintainers through the
pgsty/miniorepository before publishing detailed exploit information. - If you confirm the issue also affects upstream
minio/minio, report it upstream separately.
Disclosure Process
Fork-specific fixes and user-visible upgrade notes are published in docs/security/advisories.md. The fork-specific triage and remediation process is described in VULNERABILITY_REPORT.md.