Anyone running Alpine Linux as a container base or on minimal hardware has patching to do. The project has pushed out Alpine 3.24.1, a maintenance update for the 3.24 series that rolls up fixes for the OpenSSL advisory published on 2026-06-09 along with a batch of other security patches.
The release addresses 15 tracked CVEs, including CVE-2026-34180 through CVE-2026-34183 and several in the 42xxx and 45xxx ranges. The full set of changes is documented in the git log. This is a point release rather than a feature update, so there are no new packages or installer changes to account for, just rebuilt binaries against the patched libraries.
The stakes are higher for Alpine than for most distributions because of where it runs. Built on musl libc and BusyBox, its tiny footprint has made it the default base image for a huge slice of Docker and Kubernetes deployments, where a single vulnerable OpenSSL build can propagate across thousands of derived images. The same minimalism makes it a common choice for single-board computers and embedded systems, so the fixes reach far beyond conventional servers. Self-hosters who pin Alpine in their Dockerfiles will want to rebuild and redeploy rather than wait for upstream images to catch up.
The 3.24 series itself arrived earlier this year with updates including LLVM 22, Rust 1.96, OpenZFS 2.4.2, Qt 6.11, and an installer that now handles the Limine boot loader. Alpine is free and open source, and 3.24.1 is available now from the project's mirrors for the architectures the distribution already supports.
