Certificate-based Authentication for S3

Certificate-based Authentication for S3

Security is paramount at MinIO and sits up there with performance, simplicity and resilience in the pantheon of things that matter. MinIO encrypts data when stored on disk and when transmitted over the network. MinIO’s state-of-the-art encryption schemes support granular object-level encryption using modern, industry-standard encryption algorithms, such as AES-256-GCM, ChaCha20-Poly1305, and AES-CBC. MinIO is fully compatible with S3

Read more...

Security Advisory

Synopsis: A signature verification bypass vulnerability against the MinIO server was discovered and has been fixed in RELEASE.2021-03-17T02-33-02Z. Severity: Medium Who is affected: All users of the MinIO server version before RELEASE.2021-03-17T02-33-02Z  affected. Users access MinIO over TLS are not affected. Recommended Action for Users: All users are advised to upgrade their MinIO deployments to the latest version.

Read more...

Security Advisory

Synopsis: A server-side request forgery (SSRF) vulnerability against the MinIO server was discovered and has been fixed in RELEASE.2021-01-30T00-20-58Z. Severity: Medium Who is affected: All users of the MinIO server version RELEASE.2019-12-17T23-16-33Z or newer are affected. Users that have disabled the MinIO browser UI are not affected. Recommended Action for Users: All users are advised to upgrade their

Read more...