Alpine Linux is a community-developed operating system designed for x86 routers, firewalls, virtual private networks, IP telephones, and servers. It is designed to implement the concept of security, including a number of active security features such as PaX and SSP, they can prevent the software vulnerabilities are used by rivals. The system uses the C language library is musl, the basic tools are in BusyBox. They are common in embedded systems and are smaller than tools in GNU / Linux systems.
Alpine Linux is built around musl libc and busybox. This makes it smaller and more resource efficient than traditional GNU/Linux distributions. A container requires no more than 8 MB and a minimal installation to disk requires around 130 MB of storage. Not only do you get a fully-fledged Linux environment but a large selection of packages from the repository.
Binary packages are thinned out and split, giving you even more control over what you install, which in turn keeps your environment as small and efficient as possible.
Alpine Linux is a very simple distribution that will try to stay out of your way. It uses its own package manager called apk, the OpenRC init system, script driven set-ups and that’s it! This provides you with a simple, crystal-clear Linux environment without all the noise. You can then add on top of that just the packages you need for your project, so whether it’s building a home PVR, or an iSCSI storage controller, a wafer-thin mail server container, or a rock-solid embedded switch, nothing else will get in the way.
Alpine Linux was designed with security in mind. The kernel is patched with an unofficial port of grsecurity/PaX, and all userland binaries are compiled as Position Independent Executables (PIE) with stack smashing protection. These proactive security features prevent exploitation of entire classes of zero-day and other vulnerabilities.
Alpine Linux 3.11.3 has been released.
Andy Postnikov (2): community/drupal7: security upgrade to 7.69 community/phpmyadmin: upgrade to 4.9.4 Bart Ribbers (1): community/kdeconnect: add missing runtime dep sshfs Carlo Landmeter (1): community/lua-turbo: add missing ca-certificates Henrik Riomar (1): main/etckeeper: upgrade to 1.18.13 J0WI (2): main/openvpn: upgrade to 2.4.8 community/firefox-esr: security upgrade to 68.4.1 Jakub Jirutka (12): community/kea: upgrade to 1.7.3 community/jetty-runner: upgrade to 22.214.171.12490215 community/repmgr: upgrade to 5.0.0 community/lua-busted: upgrade to 2.0.0 community/kea: fix capabilities community/kea-hook-runscript: rebuild against kea 1.7.3 community/kea-hook-runscript: take over maintainership community/ruby-rspec-support: upgrade to 3.9.2 community/muacme: fix depends on cmd:openssl community/ldap-passwd-webui: fix depends on py-waitress community/py3-waitress: fix broken upgrade from older versions main/openrc: allow to change interfaces config location Jason A. Donenfeld (1): community/wireguard: update to 20191226 Joel (1): main/linux-lts: enable cannonlake pinctrl for x86_64 Kaarle Ritvanen (2): main/awall: upgrade to 1.6.13 main/ulogd: fix logrotate pattern Kevin Daudt (1): community/salt: fix python3.8 incompattibilities Leo (6): community/dia: fix CVE-2019-19451.patch main/python3: upgrade to 3.8.1 testing/fontforge: rebuild against python3.8 community/ruby-rspec-mocks: upgrade to 3.9.1 community/ruby-rspec-core: upgrade to 3.9.1 main/e2fsprogs: security upgrade to 1.45.5 Leonardo Arena (5): main/xen: add secinfo main/msmtp: fix init script community/lxcfs: let lxc use lxcfs if installed community/pflogsumm: remove sysklogd dependency main/xen: add secinfo Milan P. Stanić (6): main/haproxy: upgrade to 2.0.12 main/linux-lts: upgrade to 5.4.7 main/linux-lts: set UEVENT_HELPER_PATH for armv7 main/linux-lts: upgrade to 5.4.8 main/linux-lts: upgrade to 5.4.11 main/linux-lts: upgrade to 5.4.12 Natanael Copa (34): community/chromium: upgrade to 79.0.3945.88 community/chromium: fix build on armv7 main/py3-django: security upgrade to 1.11.27 (CVE-2019-19844) main/openssl: fix CVE-2019-1551 community/opensc: security upgrade to 0.20.0 main/samba: backport fix for python 3.8 main/hunspell: fix CVE-2019-16707 community/jool-modules-lts: rebuild against kernel 5.4.8-r0 community/virtualbox-guest-modules-lts: rebuild against kernel 5.4.8-r0 community/wireguard-lts: rebuild against kernel 5.4.8-r0 main/drbd-lts: rebuild against kernel 5.4.8-r0 main/xtables-addons-lts: rebuild against kernel 5.4.8-r0 main/zfs-lts: rebuild against kernel 5.4.8-r0 main/linux-rpi: upgrade to 5.4.7 main/linux-rpi: upgrade to 5.4.8 community/jool-modules-rpi: rebuild against kernel 5.4.8-r0 community/wireguard-rpi: rebuild against kernel 5.4.8-r0 main/libjpeg-turbo: security upgrade to 2.0.4 (CVE-2019-2201) main/kamailio: increase timout for stopping service main/busybox: enable FEATURE_NSLOOKUP_BIG main/linux-rpi: upgrade to 5.4.12 community/wireguard-rpi: rebuild against kernel 5.4.12-r0 community/jool-modules-rpi: rebuild against kernel 5.4.12-r0 main/linux-lts: enable rtw88 driver for x86/x86_64 main/linux-lts: enable serial_ir module community/jool-modules-lts: rebuild against kernel 5.4.12-r1 community/virtualbox-guest-modules-lts: rebuild against kernel 5.4.12-r1 community/wireguard-lts: rebuild against kernel 5.4.12-r1 main/drbd-lts: rebuild against kernel 5.4.12-r1 main/xtables-addons-lts: rebuild against kernel 5.4.12-r1 main/zfs-lts: rebuild against kernel 5.4.12-r1 main/nginx: fix CVE-2019-20372 main/mkinitfs: upgrade to 3.4.5 ==== release 3.11.3 ==== Rasmus Thomsen (18): community/py3-keepass: use Cryptodome instead of Crypto community/gnome-passwordsafe: use Cryptodome instead of Crypto community/accerciser: upgrade to 3.34.3 community/mutter: upgrade to 3.34.3 community/gnome-shell: upgrade to 3.34.3 community/dconf-editor: upgrade to 3.34.3 community/eog: upgrade to 3.34.2 community/epiphany: upgrade to 126.96.36.199 community/gnome-boxes: upgrade to 3.34.3 community/seahorse: upgrade to 3.34.1 community/gnome-contacts: upgrade to 3.34.1 community/rhythmbox: upgrade to 3.4.4 community/gnome-music: upgrade to 3.34.3 community/gnome-initial-setup: upgrade to 3.34.3 community/gnome-maps: upgrade to 3.34.3 community/evolution-data-server: upgrade to 3.34.3 community/evolution: upgrade to 3.34.3 community/evolution-ews: upgrade to 3.34.3 Stefan Reiff (3): community/wireguard-rpi: enable for rpi4 main/libvirt: qemu: Fix migration without parameters community/wireguard-(lts|rpi): upgrade to 0.0.20200105 Sören Tempel (1): main/ctags: enable tests on s390x again William Johansson (1): main/grub: fix booting Xen under EFI