Skip to content

GitLab

Open
Created by Ariadne Conill@kaniini🐰Developer

alpine-glibc

It has come to the security team's attention that there are Docker images that make use of alpine-pkg-glibc.

It has also come to the security team's attention that end users and developers of these Docker images believe that alpine-pkg-glibc is supported by the Alpine community in some way, which it obviously is not.

aports!24647 (closed) was a proposed update to musl which blocks installation of the glibc packages provided by the alpine-pkg-glibc project. The alpine-pkg-glibc project may rebuild the musl package with ALLOW_GLIBC_PKG=1 in abuild.conf if they wish to provide their own musl package in their repo. We have concluded based on informal consensus to approach this as a documentation issue instead.

We may also wish to request the alpine-pkg-glibc project rename itself in order to make it more clear to the community that it is NOT an officially blessed project of Alpine, but that is an issue for the council.

Thusly, there are two items referred:

  • Should we accept the proposed musl-1.2.2-r6 update into edge?
  • Should we refer the alpine-glibc branding issue to the council to follow up on?
Edited by Ariadne Conill
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information