Alpine Linux, the container Linux distrubution upon which Xibo’s Docker containers are based has said there is a flaw in the way their package manager (apk) works. This flaw could potentially allow an attacker to inject their own code in to the container at build time.
This is a companion discussion topic for the original entry at https://blog.xibo.org.uk/docker-alpine-poisoning/