Alpine 3.19's EOL date is not reported

[tvbishan]

Description

A warning is reported in Trivy scans of images based on Alpine 3.19.

WARN This OS version is not on the EOL list: alpine 3.19

Desired Behavior

Trivy correctly identifies that Alpine 3.19 is receiving security support.

Actual Behavior

trivy i alpine:3.19 reports:

2024-01-16T10:30:49.864Z WARN This OS version is not on the EOL list: alpine 3.19

Reproduction Steps

1. docker pull alpine:3.19
2. trivy i alpine:3.19

Target

Container Image

Scanner

Vulnerability

Output Format

Table

Mode

Standalone

Debug Output

Trivy Version: 0.48.3
Creating trivy results file
2024-01-16T10:30:46.782Z	INFO	Need to update DB
2024-01-16T10:30:46.782Z	INFO	DB Repository: ghcr.io/aquasecurity/trivy-db
2024-01-16T10:30:46.782Z	INFO	Downloading DB...
2024-01-16T10:30:48.707Z	INFO	Vulnerability scanning is enabled
2024-01-16T10:30:48.707Z	INFO	Secret scanning is enabled
2024-01-16T10:30:48.707Z	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2024-01-16T10:30:48.707Z	INFO	Please see also https://aquasecurity.github.io/trivy/v0.48/docs/scanner/secret/#recommendation for faster secret detection
2024-01-16T10:30:49.864Z	INFO	Detected OS: alpine
2024-01-16T10:30:49.864Z	WARN	This OS version is not on the EOL list: alpine 3.19
2024-01-16T10:30:49.864Z	INFO	Detecting Alpine vulnerabilities...
2024-01-16T10:30:49.865Z	INFO	Number of language-specific files: 3
2024-01-16T10:30:49.865Z	INFO	Detecting dotnet-core vulnerabilities...
--- Findings Begin ---

Operating System

Linux

Version

Trivy Version: 0.48.3

Checklist

• Run trivy image --reset
• Read the troubleshooting

[knqyf263]

It will be fixed in v0.49.0.
#5938