Red Hat has released the Red Hat Enterprise Linux 10.2 distribution, as well as an update to the previous branch, Red Hat Enterprise Linux 9.8. Ready-made installation images are available to registered users of the Red Hat Customer Portal (public ISO images of CentOS Stream 10, as well as free RHEL developer builds, can be used to evaluate functionality). The release is available for the x86_64, s390x (IBM System z), ppc64le (POWER9), Aarch64 (ARM64), and RISC-V (preview) architectures. Updates for the RHEL 10.2 release will be generated until May 2032. The RHEL 10 branch will be supported until 2035 (plus 4 years of extended paid support), RHEL 9 until the end of May 2032, and RHEL 8 until 2029.
RHEL packages are not hosted in the public git.centos.org repository and are provided to the company's clients only through a closed section of the website, which is subject to a user agreement (EULA) prohibiting the redistribution of data downloaded through the client portal. This creates legal risks when using these packages to create derivative distributions. The RHEL source code remains available in the CentOS Stream repository, but it is not fully synchronized with RHEL, and the package versions in it do not always match the packages in RHEL. Rocky Linux, Oracle and SUSE reproduce the source code of RHEL release rpm packages as part of the OpenELA project.
Major changes in RHEL 10.2 (most of the noted changes are also present in RHEL 9.8):
- Provides the ability to use the io_uring interface for asynchronous I/O operations.
- Added support for the Wi-Fi 7 standard.
- The goose AI assistant can now be used via the command line. Goose packages are available through the "extensions" repository.
- The Anaconda installer now supports automatic installation of Flatpak packages during the distribution installation process. The availability of Flatpak packages depends on the selected environment; for example, selecting "Server with GUI" installs the Firefox Flatpak package.
- Kickstart adds a new "rdp" command to enable graphical installation using RDP (Remote Desktop Protocol), as well as an experimental (Technology Preview) "bootc" command for deploying bootable containers.
- The graphical interface for assembling system images (image builder) has been updated to support the creation of boot containers and disk images, as well as images for network installation with the Anaconda installer.
- The "bootc upgrade --download-only" command has been added for downloading updates to bootc-based systems without automatically applying them. To apply a previously downloaded update, use the "bootc upgrade" command.
- The ability to convert container boot images into virtual machines has been added. The bcvk utility is available for launching such ephemeral virtual machines.
- Added support for creating stateless PXE network boot images (for diskless systems) from existing container builds.
- OpenSSH and libssh now support the hybrid key exchange algorithms mlkem768nistp256-sha256 and mlkem1024nistp384-sha384, which are resistant to brute-force attacks on a quantum computer. The pki and certificate system support keys and digital signatures based on the ML-DSA algorithm.
- The systemd-oomd and redfish-finder services have been placed under SELinux protection. The SELinux contexts anaconda_generator_t, ktlshd_t, switcheroo_control_t, systemd_pcrextend_t, systemd_user_runtimedir_t and tuned_ppd_t have been switched from "permissive" to "enforcing" mode. SELinux settings have been adapted for the new OpenSSH processes, sshd-session and sshd-auth. Support for the network protocols DCCP (Datagram Congestion Control Protocol) and SCTP (Stream Control Transmission Protocol) has been implemented in SELinux.
- A new package "capnproto" has been added to the CRB (CodeReady Builder) repository, containing Cap'n Proto, a high-performance data exchange and remote procedure call (RPC) system used in the rust-sequoia package.
- A new implementation of the FIDO Device Onboarding (FDO) client and server, go-fdo-client and go-fdo-server, is proposed.
- The greenboot-rs package has been added, providing a rewritten implementation of the Greenboot toolkit in Rust (the previous version was written in bash). Greenboot is used in atomically updated RHEL variants to check the system state at boot and roll back to the previous version if problems are detected.
- We've added the ability to use the Nmstate API and the NetworkManager-libreswan plugin to configure the bonding of multiple subnets using a single IPsec tunnel. NetworkManager-libreswan now supports starting Libreswan-based IPsec connections on-demand.
- The epoll API implements an IRQ suspension mode that adaptively switches between active polling (NAPI/busy polling, periodic device polling by the kernel) and interrupt generation depending on application activity. When the application is idle, interrupt handling is used, and when a high load is detected, polling is used. In some situations, this new mode can reduce power consumption in data centers by up to 30%.
- Full support for the PRP (Parallel Redundancy Protocol) and HSR (High-availability Seamless Redundancy) protocols is provided, implemented through the hsr kernel module.
- In the Linux kernel, the "microcode=flaglist" command line option has been implemented to control the behavior of the microcode loader on x86 systems (for example, you can set the minimum microcode version allowed to load).
- In nftables, netdev handlers now support masks in network interface names, for example 'type filter hook ingress devices = { "vlan*", "veth0" }'.
- The iproute package has been updated with the dpll utility for controlling and monitoring DPLL (digital phase-locked loop) devices.
- The kernel-modules-extra package includes the kernel modules fou and fou6, which implement the FOU (Foo-over-UDP) and GUE (Generic UDP Encapsulation) protocols for tunneling various IP protocols over UDP.
- Firewalld now supports predefined rule sets (policy sets). For example, the "gateway" rule set covers the functionality of a typical home router (including NAT, conntrack handlers, and inter-zone traffic redirection).
- Added the ability to save kernel memory dumps (vmcore) after crashes to LUKS encrypted partitions.
- The tpm2-tools package has improved compatibility with new TPM 2.0 (Trusted Platform Module) chips.
- The BPF subsystem has been synchronized with kernel 6.17, and Perf with kernel 6.18. Support for performance monitoring on systems with Fujitsu Monaka and Intel Clearwater Forest CPUs has been added.
- ftrace now supports using the function_graph tracer to track values returned by functions.
- The kpatch utility, used to apply patches to the kernel without stopping it, now has the ability to view a list of CVE identifiers of vulnerabilities fixed in the active kernel.
- For LVM volume groups (VGs), support for the Persistent Reservations mechanism has been implemented, allowing you to reserve areas in shared storage.
- The ability to apply system roles to atomically updated systems created using various tools, including ostree, has been introduced. This change allows deploying and configuring atomically updated systems using the same roles used for regular systems.
- The viosock (Virtual Socket) driver for Windows virtual machines has been added to the virtio-win package, which enables interaction between guest and host systems. The virt-secrets-init-encryption service has been added to encrypt access keys used in libvirt for the virtual Trusted Platform Module (vTPM).
- QEMU implements native (without emulation) use of the FUA (Forced Unit Access) input/output method, which makes it possible to increase the performance of virtual storage, for example, under loads typical of DBMS.
- The Podman toolchain has been migrated from GnuPG to Sequoia-PGP, an OpenPGP implementation written in Rust. Support for generating digital signatures for containers using Sequoia-PGP has been added.
- The rhel10/ruby-40, rhel10/postgresql-18, rhel10/python-314-minimal, rhel10/mariadb-118, and rhel10/php-84 containers have been added to the Red Hat Container Registry.
- Added experimental capability to boot virtual machines in Secure Boot mode on ARM64 systems.
- Added experimental support for live migration of virtual machines using the S3-PR (SCSI3-Persistent Reservation) protocol.
- Added experimental support for running containers in lightweight microVMs using the krun runtime (based on crun).
- An experimental feature has been added for using vsock (Virtual Socket) to forward access to TCP ports from the host environment to the guest system without additional settings; for example, you can forward access to SSH.
- The vi command has been switched to launch vim-minimal instead of the full Vim editor.
- The default /boot disk partition size has been increased from 1 to 2 GB.
- Added support for servers with Intel Xeon 6+ processors (CWF, Clearwater Forest). Added support for Intel QAT (QuickAssist Technology) Gen6 hardware accelerators. Support for IAA (In-Memory Analytics Accelerator) accelerators integrated into Intel Wildcat Lake CPUs has been announced as stable.
- New drivers added:
  - qaic for Qualcomm Cloud AI accelerators.
  - tpm_crb_ffa for TPM CRB FFA.
  - qat_6xxx for Intel QuickAssist Technology GEN6 crypto accelerators.
  - imx-bus for Generic i.MX bus.
  - imx8m-ddrc for controlling the frequency of the i.MX8M DDR controller.
  - zl3073x for Microchip ZL3073x DPLL (Digital Phase Locked Loop).
  - gpio-usbio for Intel USBIO GPIO.
  - sil164 for Silicon Image sil164 TMDS.
  - mshv_root for Microsoft Hyper-V root partition VMM.
  - gpio_keys for connecting the keyboard via GPIO.
  - mtd_intel_dg for Intel DGFX MTD.
  - rtw89_8922a for Realtek 802.11be wireless 8922A.
  - amd_hsmp for AMD HSMP (Host System Management Port).
  - amd_isp4 for AMD ISP4 (Image Signal Processor).
  - intel-oaktrail for Intel Oaktrail.
  - intel-sdsi for Intel On Demand (SDSi).
  - typec_thunderbolt for Thunderbolt 3 USB Type-C.
  - usbio for Intel USBIO.
- Updated versions of developer packages: Python 3.14, Ruby 4.0, PHP 8.4, OpenJDK 25, LLVM Toolset 21, Go Toolset 1.26, Rust Toolset 1.92, Git 2.51, PostgreSQL 18, MariaDB 11.8, valgrind 3.26.0, SystemTap 5.4, Node.js 24.
- Updated server packages: NetworkManager 1.56.0, BIND 9.18.33, openwsman 2.8.1, iproute 6.17.0, nftables 1.1.5, OpenSSH 9.9, libreswan 5.3, chrony 4.8, podman 5.8.0, libvirt 11.10.0, QEMU 10.1.0, Samba 4.23.5, ipa 4.13.0, 389-ds-base 3.2.0, cockpit 356.
- System packages updated: chrony 4.8, setools 4.6.0, fapolicyd 1.4.3, libssh 0.12.0, OpenSCAP 1.4.3, librepo 1.19.0, rsyslog 8.2510.0, OpenSSL 3.5.5, Cockpit 356, cmake 3.31.8, sudo 1.9.17p2, fwupd 2.0.19.
- The desktop environment has been updated to GNOME 49 (previously GNOME 47). An experimental HDR (High Dynamic Range) mode has been added to the Mutter compositing manager for displays that support the extended brightness range. Updated Mesa 25.2.7, libinput 1.30 and PipeWire 1.4.9.
- Experimental support for interactive authentication method selection has been added to the GDM login screen, including support for external identity providers (EIdP), FIDO2-compatible devices, and smartcards.
- Firefox and Thunderbird have been migrated to Flatpak distribution.
Source: opennet.ru
