My name’s Quentin Machu and I am the primary maintainer of Clair , an
open source project for the static analysis of vulnerabilities in
containers, by CoreOS. The project, which aim at bringing security
awareness to everyone, recently went 1.0  and is considerably well
received by the community.
As Alpine grows more and more popular, especially for containers to which
it becomes a really common base image, I believe that it would be extremely
valuable for Alpine to track vulnerabilities that may affect its packages.
Several Linux distributions, such as Debian , Ubuntu , RHEL
, Arch , already do through advisories and parsable databases.
Since the very beginning of Clair, the community has shown a significant
interest in being informed about the potential security flaws that may
threaten their Alpine-based containers .
Received on Thu Mar 24 2016 - 16:34:43 GMT