So we are able to get the pip package installed on Debian, but python slim has open CVE's that won't get addressed.
So the other option is alpine.
I found https://pkgs.alpinelinux.org/package/edge/community/x86/s2geometry
But that build is patching OpenSSL https://git.alpinelinux.org/aports/tree/community/s2geometry/fix-newer-openssl.patch
Needless to say running a patch to OpenSSL in production is a hard sell to any security group.
Any options?
So we are able to get the pip package installed on Debian, but python slim has open CVE's that won't get addressed.
So the other option is alpine.
I found https://pkgs.alpinelinux.org/package/edge/community/x86/s2geometry
But that build is patching OpenSSL https://git.alpinelinux.org/aports/tree/community/s2geometry/fix-newer-openssl.patch
Needless to say running a patch to OpenSSL in production is a hard sell to any security group.
Any options?