So Alpine Linux has a pretty serious set of vulnerabilities because:
- It doesn’t download packages over TLS, making them prone to MitM. Which on its own isn’t terrible but it also...
- Doesn’t check hashes before extracting to root (!)
- And uses custom gzip code which is vulnerable to arbitrary code execution (!!)
@cypnk @angristan Actually, the first isn't crucial if the second is (and it MUST be) implemented correctly.
@steelman @cypnk indeed
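
The ordering the replies above rely on, as an added example that is not part of the thread and is not apk's own code: the digest is checked over the raw downloaded bytes before any decompression or extraction runs, so a package altered in transit is rejected even without TLS. The package name, the index format and the helper names are hypothetical, and the index is assumed to be authenticated separately.

```python
import hashlib, hmac, io, os, tarfile, tempfile

class IntegrityError(Exception):
    pass

def build_package(files):
    """Constructed sample data: a tiny .tar.gz standing in for a package."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, data in files.items():
            info = tarfile.TarInfo(path)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def verify_then_extract(name, blob, trusted_index, dest):
    """Extract blob under dest only if its SHA-256 matches the trusted index."""
    expected = trusted_index.get(name)
    actual = hashlib.sha256(blob).hexdigest()
    # The digest covers the raw bytes off the wire, so the decompressor and
    # tar parser never run on data an on-path attacker could have altered.
    if expected is None or not hmac.compare_digest(actual, expected):
        raise IntegrityError(f"{name}: digest missing or mismatched")
    root = os.path.realpath(dest)
    extracted = []
    with tarfile.open(fileobj=io.BytesIO(blob), mode="r:gz") as tar:
        for member in tar:
            target = os.path.realpath(os.path.join(root, member.name))
            if not member.isfile() or not target.startswith(root + os.sep):
                continue  # skip links, devices and paths escaping dest
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with open(target, "wb") as out:
                out.write(tar.extractfile(member).read())
            extracted.append(member.name)
    return extracted

def demo():
    good = build_package({"usr/bin/hello": b"#!/bin/sh\necho hello\n"})
    # Assumption: the index itself is authenticated (e.g. signature-checked).
    index = {"hello-1.0.apk": hashlib.sha256(good).hexdigest()}
    tampered = build_package({"usr/bin/hello": b"#!/bin/sh\necho tampered\n"})
    results = {}
    for label, blob in (("good", good), ("tampered", tampered)):
        with tempfile.TemporaryDirectory() as dest:
            try:
                results[label] = verify_then_extract("hello-1.0.apk", blob, index, dest)
            except IntegrityError:
                results[label] = "rejected"
    return results

if __name__ == "__main__":
    print(demo())
```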