Open Source = Bombproof

Open Source = Bombproof

Software isn't usually described as bombproof. Particularly the type of software that is responsible for large analytic jobs or machine learning workloads. The words “finicky”, “complex” or in the case of good marketing “professional grade” (meaning you need years of study and multiple certifications) are more common.Bombproof software, however, is one of the many benefits associated with active open

Read more...

Security Advisory

Synopsis: Unauthorized bucket access possibilities against the IAM implementation of MinIO server was discovered and has been fixed in RELEASE.2019–06–15T23–07–18Z.Severity: HighWho is affected: All users of IAM feature of MinIO server and gateway are affected. It is highly recommended to upgrade.Recommended Action for Users: All users are advised to upgrade their Minio deployments

Read more...

Security Advisory

Synopsis: Two different privilege escalation possibilities against the IAM implementation of MinIO server were discovered and has been fixed in RELEASE.2019–04–04T18–31–46Z.Severity: HighWho is affected: All users of the MinIO server are affected. Users of the MinIO gateway are not affected. However, it is still recommended to upgrade.Recommended Action for Users: All users are

Read more...

Introducing Spark-Select for MinIO Data Lakes

Introducing Spark-Select for MinIO Data Lakes

When early object storage APIs were developed they focused on the efficient storage and retrieval of objects. Amazon’s success with S3 and its implementation of the robust S3 API quickly became the de facto standard for object storage in the cloud.MinIO, recognizing this, invested heavily in creating the most compliant implementation of the S3 API outside of Amazon.

Read more...

Security Advisory

Synopsis: Possibility of spoofing authentication as another user on the Minio server S3 and Admin API was discovered and has been fixed in RELEASE.2019–02–20T22–44–29ZSeverity: MediumWho is affected: All users using multi-user feature are affected. However, it is still recommended for everyone to upgrade.Recommended Action for Users: All users are advised to upgrade their Minio

Read more...

Security Advisory

Synopsis: Possibility of authentication bypass against the Minio server Storage API was discovered and has been fixed in RELEASE.2019–02–12T21–58–47ZSeverity: CriticalWho is affected: The concerned issue is present in all the Minio releases after October 4th 2018. All users of distributed erasure backend are affected. Users of FS and Gateway backend are not affected. However, it

Read more...