Missing fresh image for `webdevops/php-nginx:8.1-alpine` - security issues

[AronNovak]

Trivy reports various issues:

Total reclaimed space: 1.293GB
+ jq -s [.[] | .Results[] | .Vulnerabilities[]? | { package: .PkgName, cve: .VulnerabilityID }] trivy-report.json
+ php /var/lib/jenkins/analyze-report.php
/mnt/jenkins-datadir/jobs/CLIENT ACR security scan/workspace- glib has a known vulnerability: CVE-2024-34397
- libcrypto3 has a known vulnerability: CVE-2024-2511
- libssl3 has a known vulnerability: CVE-2024-2511
- openssl has a known vulnerability: CVE-2024-2511
- golang.org/x/net has a known vulnerability: CVE-2023-45288
- google.golang.org/protobuf has a known vulnerability: CVE-2024-24786
- golang.org/x/net has a known vulnerability: CVE-2023-45288
- google.golang.org/protobuf has a known vulnerability: CVE-2024-24786
- golang.org/x/net has a known vulnerability: CVE-2023-45288
- google.golang.org/protobuf has a known vulnerability: CVE-2024-24786
Build step 'Execute shell' marked build as failure

And the last image is from 2 months ago:

May we help somehow to have fresh images for this variant too?

[AronNovak]

Should all the production-grade images based on this include:

RUN apk -U upgrade

simply to have security updates between releases?