RHEL 9.3 has already been released and these are its news

Darkcrizt

5 minutes

RHEL9

The RHEL 9 branch is being developed with a more open development process and uses the base CentOS Stream 9 package as a base

Recently Red Hat announced the availability of the new version of RHEL 9.3, which is the first version whose rpm packages were not published in the public CentOS repository and are provided to the company's customers only through a closed section of the site that prohibits redistribution of data.

In this release, which comes from RHEL 9.3 the improvements implemented in DNF stand outBecause new plugins added »dnf leaves» to show all installed packages that are not dependencies on other packages; «show-leaves» to show similar recently installed packages or packages that are no longer used as dependencies after a transaction.

We can also find the "reboot" command in DNF to restart automatically after the update is completed and in which the following modes are available, "never" default without reboot, "when-changed" which restart after any update and «when-needed» which reboots only if required by installed changes (for example, after installing a kernel or systemd update). To power off instead of reboot, the “–poweroff” parameter is provided.

Another of the changes that stands out is in NetworkManager, in which has been added support for “no-yyyy” option in resolv.conf, which disables DNS queries for AAAA records, as well as added support for “lacp_active” option to control the processing of LACPDU frames and implemented restarting NetworkManager after restarting the dbus service.

Besides that, OpenSSH has begun to deprecate SHA-1 hash-based algorithms in favor of SHA-2. If the server does not have SHA-1 based keys, sshd will now only use SHA-2 to validate host keys, which may result in incompatibility with RHEL 8 and earlier clients.

OpenSSL adds support for tuning the parameters of Brainpool's secure elliptic curves and provides protection against RSA decryption attacks based on the timing of operations using variants of the Bleichenbacher method.

SELinux has added the virt_qemu_ga_run_unconfined option, which allows the qemu-ga process to execute commands, such as mount, in non-secure mode that were natively restricted by SELinux.

Of the other changes that stand out from this new version:

  • The implementations of the SCTP (Stream Control Transmission Protocol) and MPTCP (Multipath TCP) protocols have been carried over from the latest version of the Linux kernel.
  • The ARM64 platform provides full support for cameras with USB interface, wireless (Wi-Fi) and Bluetooth adapters.
  • Full support is provided for Intel Arc A-Series discrete graphics cards (Alchemist or DG2).
    The eBPF subsystem implementation is synchronized with the Linux 6.3 kernel.
  • systemd-udevd has been modified to allow permanent names for InfiniBand network interfaces.
  • Postfix includes the ability to check DNS SRV records to determine the host and port of the mail server that will be used to transmit messages.
  • FUSE3 adds the ability to invalidate a directory entry without automatically unmounting the mount points associated with that entry.
  • To protect against Specter v2 attacks related to speculative instruction execution, AutoIBRS mode was added, supported by AMD CPUs starting with the EPYC 9004 Genoa family.
  • For containers, it is possible to use virtual chips to store cryptographic keys (vTPM), implemented on the basis of a common physical TPM (Trusted Platform Module).
  • LVM has added support for vmcore logical partitions for core dumps generated by the kdump subsystem.
  • Added a system function to manage and install systemd units.
  • Added a system function to install, configure, manage, and run the PostgreSQL DBMS.
  • Support for defining, changing, and deleting ipsets has been added to the firewall system feature.
  • Added support for virtualization tools for XNUMXth generation Intel Xeon Scalable processors.
  • Podman adds support for compressed containers using the zstd algorithm.
  • Added the ability to use Quadlets to automatically generate systemd services from container descriptions.
  • Expanded capabilities for clusters and fault-tolerant systems: Added support for replacing partition groups that do not have physical partitions to the LVM activation agent.
  • RHEL Image Builder has added the ability to generate OVA files for VMware VSphere.
    New options “–ipv4-dns-search” and “–ipv6-dns-search” have been added
  • Added support for booting in UEFI mode to AMI images for AWS EC2 cloud environments.
  • Added an experimental feature for hardware acceleration of IPsec by moving packet encapsulation operations to the network card side.
  • The experimental implementation of kTLS (kernel-level TLS) is synchronized with kernel 6.3.
  • Added support for using kTLS to speed up GnuTLS.

Finally, if you are interested in knowing more about it, you can consult the details In the following link.

Get Red Hat Enterprise Linux

Ready-to-use installation images will soon be available to registered users of the Red Hat Customer Portal (you can also use CentOS Stream 9 iso images to test functionality).


Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: AB Internet Networks 2008 SL
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.