https://justi.cz/security/2018/09/13/alpine-apk-rce.html If you use Alpine Linux in a production environment, you should 1. rebuild your images and 2. consider donating what you can to the developers. It seems like apk has one main developer who fixed this bug in less than a week. The lead maintainer of Alpine cut a new release shortly thereafter. 簡單來說 作者發現了一個 Alpine Linux 的 RCE 漏洞 順便抱怨一下 Alpine Linux 使用的公司很多 但是 apk 的 maintainer 只有一個人 各大公司應該要多多 donate 開發者 --

※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 106.1.224.240 ※ 文章網址: https://webptt.com/m.aspx?n=bbs/NetSecurity/M.1536906971.A.AA1.html