Mail archive

[alpine-user] How are security updates handled

From: Rodrigo Campos <>
Date: Wed, 23 Mar 2016 14:55:29 -0300


I'm interested in using alpine linux for docker containers, but I'm
not sure how security updates to packages are managed. I read the site
and wiki and didn't find it (but I might have missed something).

I see usually alpine linux releases are supported for more or less two
years, although v3.3 seems to be 1.5 years[1]. Is it expected that
new releases are supported for 1.5 years? Or is there any written
policy that I can check and didn't find?

Also, how are security updates handled to any X package in an some
supported alpine linux release? If some package is not supported
upstream anymore, it's up to the alpine linux maintainer of the
package to back port the fix to the supported alpine linux release? Is
there an alpine linux security team? Or how is this handled? And
again, is there any written policy about this? :)

Thanks a lot,


Received on Wed Mar 23 2016 - 14:55:29 UTC