Red Hat announced the availability of new releases of its enterprise distribution. Red Hat Enterprise Linux 10.2 и Red Hat Enterprise Linux 9.8The updates build on two supported RHEL branches and focus on three areas: preparing infrastructure for post-quantum cryptography, automating updates, and advancing the image-based approach to system deployment. Red Hat specifically emphasizes that the new versions are targeted at hybrid infrastructures, edge scenarios, container environments, and AI-related workloads.
RHEL 10.2 continues the development of the new 10th branch, while RHEL 9.8 remains an update to the more conservative 9th branch. RHEL 9.8 is planned to be supported through EUS and Enhanced EUS, while RHEL 10.2 will receive Enhanced EUS support. This is important for organizations that are locked into specific minor versions and don't want to frequently change the underlying platform.
Major changes
AI assistants for the command line.
RHEL 10.2 introduces the optional goose tool—a CLI assistant with streaming response support and integration with the Model Context Protocol Server for RHEL, currently available as a developer preview. Additionally, the built-in RHEL command-line assistant in RHEL 10.2 and 9.8 now features colorized output, making commands, scripts, and explanations easier to read in the terminal.Development of image mode and bootc.
The updates improve the scenario in which the operating system is treated as a bootable container image. The ability to preload updates via bootc without applying them immediately has been added, allowing for initial provisioning of a fleet of machines and then switching during a convenient maintenance window. BCVK improvements for quickly switching from a local container build to a test virtual machine and optimization of OS storage in the container store are also mentioned.New RHEL image builder interface.
A new CLI has been added for building custom RHEL images. It doesn't require a constantly running service and is better suited for CI/CD pipelines. In RHEL 9.8, the image builder can also create images with extended partition layouts, supports Kickstart file injection when building ISOs, and adds support for WSL2 images.Post-quantum cryptography.
In RHEL 10.2, OpenSSH gained support for ML-KEM post-quantum key exchange combined with elliptic curves in FIPS mode, libssh gained support for hybrid PQ/T key exchange methods, p11-kit gained support for PQC definitions in PKCS #11 headers, and podman-sequoia gained support for composite post-quantum signatures. In RHEL 9.8, GnuTLS 3.8.10 gained support for ML-KEM and ML-DSA, OpenSSH was updated to 9.9, and p11-kit also gained support for PQC definitions.Red Hat Certificate System 11.0 and PKI protection.
Along with RHEL, Red Hat is promoting Certificate System 11.0, which introduces ML-DSA signatures according to NIST standards. This is presented as preparation for a "collect now, decrypt later" scenario, where an attacker stores encrypted traffic or data in anticipation of future quantum computing. Zero-touch provisioning of certificates via a one-time password has also been added to automate certificate issuance for large numbers of devices.Sealed images for RHEL 10.2.
RHEL 10.2, as a Technology Preview, introduces sealed images for image mode. This technology allows you to sign OS images at build time with custom Secure Boot keys and configure target systems to trust only internally certified images. The idea is to extend the chain of trust from boot to runtime.Automate updates via Leapp and Ansible.
Red Hat is expanding its in-place upgrade scenarios: Leapp has received improvements for system migration and conversion, and Ansible Certified Content includes roles for analysis, remediation, and upgrade execution. RHEL 10.2 supports upgrading from RHEL 9.8 to RHEL 10.2 for x86-64-v3, ARM64, POWER10, and IBM Z z15.LinuxONE III and later. For RHEL 9.8, migration from RHEL 8.10 to RHEL 9.8 is supported, including SAP HANA systems.Updates to the kernel and monitoring tools.
RHEL 10.2 introduces Kernel Livepatch support for RHEL 10. Both branches receive perf extensions, a more upstream state for perf and BPF tools, debuginfod support, new Intel core/uncore/c-state/package performance events, improvements for AMD IBS load-latency filtering, driver and device ID updates for Intel EDAC, Intel QAT, and Intel/AMD accelerators. Crash, kdump, rtla, and rteval have also been updated, and Python bindings for cpupower have been added.New versions of server software and programming languages.
RHEL 10.2 includes PostgreSQL 18, MariaDB 11.8, PHP 8.4, Apache HTTP Server 2.4.63, and Node.js 24. RHEL 9.8 lists MariaDB 11.8 and Node.js 24 as new Application Streams.Updating compilers and development tools.
In RHEL 10.2, the system toolchain includes GCC 14.3, glibc 2.39, Binutils 2.41, and Annobin 13.02. Both branches have updated development and analysis tools: GDB 16.3, Valgrind 3.26.0, SystemTap 5.4, Dyninst 13.0.0, elfutils 0.194, libabigail 2.9, PCP 6.3.7, Grafana 10.2.6, GCC Toolset 15, LLVM Toolset 21.1.8, Rust Toolset 1.92.0, and Go Toolset 1.26.2. In RHEL 9.8, the base system toolchain has been updated to GCC 11.5, glibc 2.39, Annobin 12.98, and Binutils 2.35.2.Changes on the RHEL 10.2 desktop.
In RHEL 10.2, Firefox and Thunderbird are now shipped by default as Flatpak applications rather than RPM packages. The Anaconda installer preinstalls these Flatpak packages automatically.
Thus, RHEL 10.2 looks like a continuation of Red Hat's focus on immutable/image-based infrastructure, AI assistants, and new cryptographic mechanisms, while RHEL 9.8 looks like a more cautious update to the stable branch, where a significant portion of the tooling, cryptographic, and operational improvements have been transferred without a drastic change to the underlying platform.
Source: linux.org.ru
