alpine zlib vulnerability update


Slav Zlobin

Aug 12, 2022, 3:13:20 PM
to openresty-en
Hi, I have come across a vulnerability issue in the Docker OpenResty image openresty/openresty:1.19.9.1-14-alpine
https://hub.docker.com/layers/openresty/openresty/openresty/1.19.9.1-14-alpine/images/sha256-e439ec0c78a3ce35c10e4a200bf53b81648aea58020e760c87cdcd5df8db1ea4?context=explore
The Alpine vulnerability: https://security.alpinelinux.org/vuln/CVE-2022-37434
It is resolved in the following versions: https://alpinelinux.org/posts/Alpine-3.13.12-3.14.8-3.15.6-3.16.2-released.html
Are there any plans for the next few days to update the Alpine image to remove the vulnerability?

Junlong li

Aug 12, 2022, 7:26:40 PM
to openresty-en

zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).

From the above description, openresty/nginx does not call inflateGetHeader, so it won't be affected by the vulnerability.

Slav Zlobin

Aug 15, 2022, 4:47:12 AM
to openresty-en
Thank you for your prompt reply! The issue is not about whether OpenResty or Nginx uses that library; it is the situation where the container implementing the image has a vulnerability that can potentially be exploited. It is flagged by vulnerability scanning SW and affects the security rating of the SW implementing the OpenResty image.
Do you think that it is possible to update the OpenResty Alpine image to a higher version?
If not, perhaps someone can provide instructions about how I can build the image myself with an updated version of the Alpine OS?
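
One way to do the rebuild the last post asks about, as an added example that is not code from this thread or from the OpenResty project: it builds on the image tag from the thread, upgrades only the zlib package from the Alpine repositories, and checks the installed package version inside the result instead of trusting the build log. It assumes docker is available, that `apk list --installed zlib` prints a line starting with `zlib-<version>`, and that FIXED_ZLIB is a placeholder you replace with the fixed package version listed on the Alpine security page linked above.

```shell
#!/bin/sh
# Added example, not code from the thread or the OpenResty project.
# Assumptions: docker is available; "apk list --installed zlib" prints a line
# starting with "zlib-<version>"; FIXED_ZLIB is a placeholder for the fixed
# package version from the Alpine security page for CVE-2022-37434.

BASE_IMAGE="openresty/openresty:1.19.9.1-14-alpine"
FIXED_ZLIB="${FIXED_ZLIB:-FIXED-ZLIB-VERSION}"   # placeholder, not a real version

# Emit a Dockerfile that keeps the upstream image and upgrades just zlib.
write_dockerfile() {
    cat <<EOF
FROM $1
RUN apk upgrade --no-cache zlib && apk list --installed zlib
EOF
}

# Given one "apk list --installed zlib" line (e.g. "zlib-1.2.12-r1 x86_64 ...")
# and the fixed version, succeed only if the installed version is >= fixed.
# sort -V orders apk-style strings such as 1.2.12-r1 < 1.2.12-r2 < 1.2.13-r0.
zlib_is_fixed() {
    installed=$(printf '%s\n' "$1" | cut -d' ' -f1)
    installed="${installed#zlib-}"
    fixed="$2"
    lowest=$(printf '%s\n%s\n' "$installed" "$fixed" | sort -V | head -n 1)
    [ "$lowest" = "$fixed" ]
}

# Build the patched image and verify the zlib version in the built image;
# returns non-zero if the package is still below the fixed version.
build_patched_image() {
    tag="$1"
    if [ "$FIXED_ZLIB" = "FIXED-ZLIB-VERSION" ]; then
        echo "set FIXED_ZLIB to the fixed package version first" >&2; return 1
    fi
    workdir=$(mktemp -d)
    write_dockerfile "$BASE_IMAGE" > "$workdir/Dockerfile"
    docker build -t "$tag" "$workdir"
    line=$(docker run --rm --entrypoint sh "$tag" -c 'apk list --installed zlib' | head -n 1)
    if zlib_is_fixed "$line" "$FIXED_ZLIB"; then
        echo "ok: $line"
    else
        echo "zlib still below $FIXED_ZLIB: $line" >&2
        return 1
    fi
}

# Usage: FIXED_ZLIB=<fixed version> sh this_script.sh build openresty-zlib-fixed:local
if [ "${1:-}" = "build" ]; then
    build_patched_image "$2"
fi
```

Re-running the scanner against the new tag confirms the finding is gone; the rebuilt image still needs the usual upstream upgrade once OpenResty publishes a tag on a fixed Alpine release.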
