Red Hat Enterprise Linux 8.10 Linux released
15:32, 29.05.2024
The recently released Red Hat Enterprise Linux 8.10 was the last release of the eighth branch in the full support phase, and on May 31 it will move to the maintenance phase, where it will focus on patches and security updates. The key features include:
- RHEL 8 rpm packages are no longer publicly distributed via the CentOS Git repository and are instead available to the company's clients through a closed section of the website, where the EULA prohibiting redistribution of data is relevant.
- Stabilization of the IDXD (Data Streaming Accelerator) driver to use data streaming accelerator embedded in Intel CPUs.
- Full support for Intel SGX (Software Guard Extensions) creation technology
- New software versions and packets: GCC Toolset 13, LLVM Toolset 17.0.6, Rust Toolset 1.75.0, Go Toolset 1.21.0, Python 3.12, Ruby 3.3, PHP 8.2, Git 2.43.0, Git LFS 3.4.1, elfutils 0.190, valgrind 3.22, Ant 1.10.9, and cmake 3.26.
- Updated both server and system packages, including nginx 1.24, samba 4.19.4, PostgreSQL 16, MariaDB 10.11, chrony 4.5, libkcapi 1.4.0, stunnel 5.71, SSG 0.1.72, Apache Kafka (librdkafka) 1.6.1, audit 3.1.2, openCryptoki 3.22.0, linuxptp 4.2, nispor 1.2.10, rteval 3.7, ipa 4.9.13, 389-ds-base 1.4.3.39, Podman 4.9.
- Implementation of DEP (Data Execution Prevention), NX (No Execute) and XD (Execute Disable) memory protection mechanisms in GRUB boot loader and shim layer.
- Passwords are now hashed using the bcrypt algorithm.
- The RHEL image builder provides the ability to specify arbitrary mount points and create different partitioning modes (auto-lvm, lvm, raw).
- OpenSSL now has a defense against RSA decryption attacks based on transaction time measurement using variants of Bleichenbacher's method.
- experimental "podman build farm" command to create container images for multiple architectures at once.
- IdM (Identity Management) implements the ability to authenticate users through external providers (IdPs) that support the OAuth 2 (Device Authorization Grant) protocol.
- The ss utility, which is part of the iproute2 package, adds the "--bound-inactive" option to display inactive TCP network sockets that are attached to an IP address and network port (bind call is made) but are not connected (connect call) or placed in connection standby mode (listen call).
- multipathd now supports FPIN-Li (Fabric Performance Impact Notification) event handling to optimize access to NVMe drives.
- Added grafana-selinux package to run grafana with SELinux protection.
- Continuation of experimental support for AF_XDP, XDP hardware offloading, Multipath TCP (MPTCP), MPLS (Multi-protocol Label Switching), dracut, kexec fast reboot, nispor, DAX in ext4 and xfs, systemd-resolved, accel-config, igc, OverlayFS, Stratis, NVMe/TCP, DNSSEC, GNOME on ARM64 and IBM Z systems, AMD SEV for KVM, Intel vGPU, Toolbox.
- Rtla, one of the utilities, has gained the ability to use "+" and "-" prefixes to attach and detach CPU cores from the list of tracked cores (measurement-cpulist).
- Web console simplified storage management and partition resizing. Added support for generating shell scripts and Ansible scripts for customizing kdump. VNC is used instead of SPICE protocol to connect to virtual machines.