Alpine Linux Ships Security Patches Across Four Stable Branches

Alpine Linux has released point updates across all four of its supported stable branches, addressing vulnerabilities in some of the most foundational libraries in the Linux ecosystem. Versions 3.20.10, 3.21.7, 3.22.4, and 3.23.4 all landed on 2026-04-15, and anyone running Alpine in production should prioritize the upgrade.

The bulk of the fixes target OpenSSL, which received patches for six CVEs, including CVE-2026-31790 and CVE-2026-28387 through CVE-2026-28390. Alpine's C library, musl, picks up fixes for two vulnerabilities (CVE-2026-6042 and CVE-2026-40200), and zlib closes out another pair (CVE-2026-22184 and CVE-2026-27171). Given that musl and zlib sit at the very bottom of the dependency tree, these patches ripple through virtually every binary on an Alpine system.

The coordinated release across four branches underscores Alpine's commitment to long-term maintenance, something particularly relevant for the container and embedded communities that rely on the distribution as a minimal base image. With OpenSSL, musl, and zlib all touched in a single cycle, this is one of those updates worth pushing through your CI pipeline sooner rather than later.

Related Articles

Alpine 3.19.1 Released Fixing OpenSSL Security Vulnerabilities

Distrobox 1.6: Streamlined Distro Launching in Your Terminal

Leap Micro 5.5 Launches, Leap Micro 5.3 Reaches End of Life

K3s Updates to Kubernetes v1.31.14 With Extensive Bug Fixes and Component Upgrades