So Alpine Linux has a pretty serious set of vulnerabilities because
- It doesn’t download packages over TLS, making them prone to MitM. Which on its own isn’t terrible but it also...
- Doesn’t check hashes before extracting to root (!)
- And uses custom gzip code which is vulnerable to arbitrary code execution (!!)
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!