# Security Policy This repository is the `pgsty/minio` community fork of `minio/minio`. Upstream MinIO security contacts do not handle fork-specific fixes or release notes for this repository. ## Supported Versions Security fixes are tracked on the active `master` branch and summarized in [docs/security/advisories.md](docs/security/advisories.md). ## Reporting a Vulnerability For vulnerabilities in this fork: 1. Follow the fork-specific expectations in [VULNERABILITY_REPORT.md](VULNERABILITY_REPORT.md). 2. Prefer the `pgsty/minio` repository's GitHub security reporting workflow when it is available. 3. If private reporting is not available, contact the maintainers through the `pgsty/minio` repository before publishing detailed exploit information. 4. If you confirm the issue also affects upstream `minio/minio`, report it upstream separately. ## Disclosure Process Fork-specific fixes and user-visible upgrade notes are published in [docs/security/advisories.md](docs/security/advisories.md). The fork-specific triage and remediation process is described in [VULNERABILITY_REPORT.md](VULNERABILITY_REPORT.md).