ProHoster > Blog > internet news > Red Hat Enterprise Linux 7.7 Release

Red Hat Enterprise Linux 7.7 Release

Red Hat Company released Red Hat Enterprise Linux 7.7 distribution. RHEL 7.7 Install Images available for download by registered Red Hat Customer Portal users only and prepared for the x86_64, IBM POWER7+, POWER8 (big endian and little endian), and IBM System z architectures. Package sources can be downloaded from git repository CentOS project.

RHEL 7.x branch maintained in parallel with branch RHEL 8.x and will be supported until June 2024. The RHEL 7.7 release is the latest in a major full support phase that includes functional enhancements. RHEL 7.8 will go over into the maintenance phase, where priorities will shift towards bug fixes and security, with minor improvements related to support for critical hardware systems.

All innovations:

  • Provided full support for applying the Live patch mechanism (kpatch) to fix vulnerabilities in the Linux kernel without restarting the system and without stopping work. Previously, kpatch was considered experimental;
  • Added python3 packages with Python 3.6 interpreter. Previously, Python 3 was shipped only as part of Red Hat Software Collections. By default, Python 2.7 is still offered (the transition to Python 3 was made in RHEL 8);
  • Added screen presets (/etc/xdg/monitors.xml) to the Mutter window manager for all users in the system (no need to configure screen settings for each user separately;
  • Added to the graphical installer the detection of the inclusion of the Simultaneous Multithreading (SMT) mode in the system and the output of the corresponding warning;
  • Provides full support for Image Builder, a system image builder for cloud environments including Amazon Web Services, Microsoft Azure, and Google Cloud Platform;
  • SSSD (System Security Services Daemon) has full support for storing sudo rules in Active Directory;
  • Added support for additional cipher suites in the default certificate system, including TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_CBC/GCM_SHA384,
    TLS_ECDHE_RSA_WITH_AES_128_CBC/GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC/GCM_SHA384 and TLS_RSA_WITH_AES_256_GCM_SHA384;

  • The samba package has been updated to version 4.9.1 (version 4.8.3 was shipped in the previous release). Directory server 389 updated to version 1.3.9.1;
  • The maximum number of nodes in a RHEL-based failover cluster has been increased from 16 to 32;
  • For all architectures, IMA (Integrity Measurement Architecture) support is provided to check the integrity of files and their associated metadata based on pre-stored hashes and EVM (extended verification module) to protect extended file attributes (xattrs) from attacks aimed at violating their integrity (EVM will not allow an offline attack, in which an attacker can change metadata, for example, by booting from his drive);
  • Added a lightweight toolkit for managing isolated containers, using to build containers Buildah, for start - podman and to search for ready-made images - Skopje;
  • New installs of Specter V2 attack protection now use Retpoline ("spectre_v2=retpoline") instead of IBRS by default;
  • The source code for the real-time edition of kernel-rt is synchronized with the main kernel;
  • bind DNS server updated to branch 9.11, and ipset until release 7.1. Added rpz-drop rule to block attacks using DNS as a traffic booster;
  • Added the ability to set routing rules by source address (policy routing) and support for VLAN filtering on network bridge interfaces in NetworkManager;
  • SELinux adds a new boltd_t type for the boltd daemon that manages Thunderbolt 3 devices. Added a new bpf rule class for inspecting Berkeley Packet Filter (BPF) based applications;
  • Updated shadow-utils 4.6, ghostscript 9.25, chrony 3.4, libssh2 1.8.0, tuned 2.11;
  • Includes xorriso program for creating and manipulating ISO 9660 CD/DVD images;
  • Added support for Data Integrity Extensions, which allow you to protect data from damage when writing to storage by saving additional corrective blocks;
  • Added conversion support to the virt-v2v utility to run SUSE Linux Enterprise Server (SLES) and SUSE Linux Enterprise Desktop (SLED) virtual machines running on KVM with non-KVM hypervisors. Improved performance and reliability of converting VMWare virtual machines. Added support for converting virtual machines using UEFI firmware to run in Red Hat Virtualization (RHV);
  • The gcc-libraries package has been updated to version 8.3.1. Added package compat-sap-c++-8 with a variant of libstdc++ runtime library compatible with SAP applications;
  • Includes the Geolite2 database, in addition to the obsolete Geolite database offered in the GeoIP package;
  • The SystemTap tracing tool has been updated to the 4.0 branch, and the Valgrind memory debug tool to version 3.14;
  • The vim editor has been updated to version 7.4.629;
  • The set of filters for the cups-filters printing system has been updated to version 1.0.35. The cups-browsed background process has been updated to version 1.13.4. Added new implicitclass backend;
  • Added new network and graphics drivers. Updated existing drivers;

Source: opennet.ru

Add a comment