bell-sw / Liberica

Free and 100% open source Progressive Java Runtime for modern Java™ deployments supported by a leading OpenJDK contributor
https://bell-sw.com/pages/libericajdk/
GNU General Public License v2.0

Upgrade liberica-openjdk-alpine:21 to Alpine 3.19.2 to address CVEs #177

Open frankgrimes97 opened 2 weeks ago

frankgrimes97 commented 2 weeks ago

The latest published Liberica Alpine docker image appears to still be using Alpine 3.19.1.

$ docker run -it --rm bellsoft/liberica-openjdk-alpine:21
Unable to find image 'bellsoft/liberica-openjdk-alpine:21' locally
21: Pulling from bellsoft/liberica-openjdk-alpine
bca4290a9639: Pull complete 
4e89a0e502c5: Pull complete 
40d355205892: Pull complete 
Digest: sha256:b4f3b3f5c31e2935f5e941664e45156284ec14fc5745486291a7c45fbccd253d
Status: Downloaded newer image for bellsoft/liberica-openjdk-alpine:21
/ # cat /etc/alpine-release 
3.19.1

Alpine 3.19.2 was recently released: https://www.alpinelinux.org/posts/Alpine-3.17.8-3.18.7-3.19.2-released.html

It includes fixes for the following two OpenSSL CVEs:

It also includes fixes for the following four BusyBox CVEs:

$ docker run -it --rm alpine:3.19
Unable to find image 'alpine:3.19' locally
3.19: Pulling from library/alpine
d4f2d2bd5ed9: Pull complete 
Digest: sha256:af4785ccdbcd5cde71bfd5b93eabd34250b98651f19fe218c91de6c8d10e21c5
Status: Downloaded newer image for alpine:3.19
/ # cat /etc/alpine-release 
3.19.2

Alternatively, there is also a newer Alpine 3.20.1 release available: https://www.alpinelinux.org/posts/Alpine-3.20.1-released.html
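The check the report performs by hand (pull the image, read /etc/alpine-release, compare with the release that carries the fixes) can be scripted so that a CI job fails whenever a base image falls below the required patch level. The script below is an added example, not part of this issue or of the Liberica project; the minimum release 3.19.2 and the sample release files are assumptions constructed from the numbers quoted above, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the issue or from Liberica): compare the Alpine
# release found in an image's /etc/alpine-release against the minimum release
# that ships the wanted fixes. Version numbers below are constructed from the
# figures quoted in the issue and are assumptions, not project policy.

# Return 0 when dotted numeric version $1 is greater than or equal to $2.
# Missing trailing fields count as 0, so "3.19" == "3.19.0".
version_ge() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ai="${a%%.*}"; bi="${b%%.*}"
        ai="${ai:-0}"; bi="${bi:-0}"
        if [ "$ai" -gt "$bi" ]; then return 0; fi
        if [ "$ai" -lt "$bi" ]; then return 1; fi
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    return 0
}

# Read the release string from a file (the contents of /etc/alpine-release)
# and compare it with the minimum. Exit status 0 = patched, 1 = outdated.
check_alpine_release() {
    minimum="$1"; release_file="$2"
    actual=$(tr -d '[:space:]' < "$release_file")
    if version_ge "$actual" "$minimum"; then
        echo "OK: Alpine $actual >= $minimum"
        return 0
    fi
    echo "OUTDATED: Alpine $actual < $minimum"
    return 1
}

# Against a real image one would capture the file first (not executed here):
#   docker run --rm bellsoft/liberica-openjdk-alpine:21 cat /etc/alpine-release > release.txt
#   check_alpine_release 3.19.2 release.txt

# Constructed sample inputs standing in for the two images in the report.
tmp=$(mktemp -d)
printf '3.19.1\n' > "$tmp/liberica.txt"   # what the Liberica image reported
printf '3.19.2\n' > "$tmp/alpine.txt"     # what alpine:3.19 reported
check_alpine_release 3.19.2 "$tmp/liberica.txt" || true   # prints OUTDATED
check_alpine_release 3.19.2 "$tmp/alpine.txt"             # prints OK
rm -rf "$tmp"
```

The comparison is purely numeric and field-wise, which matches Alpine's release scheme; it deliberately does not treat an image that reports a newer minor line (for example 3.20.1) as outdated, since the report notes that line is also acceptable.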

frankgrimes97 commented 8 hours ago

Alpine 3.19.3 and Alpine 3.20.2 have since been released, each with new OpenSSL fixes.