💾 Archived View for adamthiede.com › log › 2024-07-03.gmi captured on 2024-09-29 at 00:28:53. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2024-07-08)

-=-=-=-=-=-=-

Alpine + Vulnerabilities

Another day, another paged-by-CEO-at-midnight "patch-it-yesterday"-tier vulnerability I don't have to worry about because my servers run Alpine Linux.

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

(OpenBSD is similarly invulnerable)

Reasons not to run Alpine Linux in production:

• Short release cycle
• Lack of familiarity with the drawbacks
• Lack of familiarity with the workarounds for said drawbacks
• You've not heard of Alpine
• You're a systemd power user (if those exist)
• You want your OS to use more RAM and CPU for no reason

Seriously, Alpine continues to rock.

back to gemlog