JeremyB

This seems odd since alpine 3.16.1 is supposed to fix CVE-2022-30065 according to the release notes: https://www.alpinelinux.org/posts/Alpine-3.16.1-released.html the commit is a bit confusing to read since it has a patch...

@keithmattix, did you follow the links I posted above? [the 3.16.1 release notes](https://www.alpinelinux.org/posts/Alpine-3.16.1-released.html) lists both CVEs: ``` This release includes various security fixes, including: busybox [CVE-2022-30065](https://security.alpinelinux.org/vuln/CVE-2022-30065) openssl [CVE-2022-2097](https://security.alpinelinux.org/vuln/CVE-2022-2097) ``` and...

oh, maybe the problem is that the patch updates the pkgrel to 15 instead of 18 in [main/busybox/APKBUILD](https://git.alpinelinux.org/aports/tree/main/busybox/APKBUILD?h=v3.16.1&id=0e40e1c7d8ca5ff7a21a846ae4c2cf029d278046) ``` -pkgrel=14 +pkgrel=15 ``` Edit: yep, it looks like that was the...