ProHoster > Blog > xov xwm hauv internet > Kev tso tawm ntawm Red Hat Enterprise kev faib tawm Linux 8.8

Kev tso tawm ntawm Red Hat Enterprise kev faib tawm Linux 8.8

Tom qab kev tso tawm ntawm Red Hat Enterprise Linux 9.2, qhov hloov tshiab rau ceg Red Hat Enterprise yav dhau los, tau luam tawm lawm. Linux 8.8, uas tau tswj hwm ua ke nrog RHEL 9.x ceg thiab yuav raug txhawb nqa kom txog thaum tsawg kawg 2029. Cov qauv kev teeb tsa tau npaj rau x86_64, s390x (IBM System z), ppc64le thiab Aarch64 architectures, tab sis tsuas yog muaj rau rub tawm rau cov neeg siv sau npe ntawm Red Hat Customer Portal (ISO cov duab kuj tseem siv tau CentOS Stream 9 thiab RHEL tsim dawb rau cov neeg tsim khoom). Red Hat Enterprise RPM pob khoom siv Linux 8 tau muab faib los ntawm Git repository CentOS.

Kev npaj cov kev tshaj tawm tshiab yog ua tiav raws li lub voj voog kev loj hlob, uas txhais tau hais tias tsim cov kev tshaj tawm txhua rau lub hlis ntawm lub sijhawm teem tseg. Txog xyoo 2024, 8.x ceg yuav nyob rau theem kev txhawb nqa tag nrho, uas suav nrog kev suav nrog kev txhim kho kev ua haujlwm, tom qab ntawd nws yuav txav mus rau theem kev saib xyuas, qhov tseem ceeb yuav hloov mus rau kev kho kab mob thiab kev nyab xeeb, nrog rau kev txhim kho me me ntsig txog kev txhawb nqa. tseem ceeb kho vajtse systems.

Cov kev hloov pauv tseem ceeb:

  • Hloov tshiab cov neeg rau zaub mov thiab cov pob khoom: nginx 1.22, Libreswan 4.9, OpenSCAP 1.3.7, Grafana 7.5.15, powertop rebased 2.15, tuned 2.20.0, NetworkManager 1.40.16, mod_security 2.9.6, samba.4.17.5.
  • Cov muaj pes tsawg leeg muaj xws li tshiab versions ntawm compilers thiab cov cuab yeej rau developers: GCC Toolset 12, LLVM Toolset 15.0.7, Rust Toolset 1.66, Go Toolset 1.19.4, Python 3.11, Node.js 18.14, PostgreSQL 15, Git 2.39.1. , SystemTap 3.19, Apache Tomcat 4.8.
  • FIPS hom kev teeb tsa tau raug hloov pauv kom ua tau raws li qhov yuav tsum tau ua ntawm FIPS 140-3 tus qauv. 3DES, ECDH thiab FFDH yog neeg xiam, qhov tsawg kawg nkaus ntawm HMAC cov yuam sij raug txwv rau 112 khoom, thiab qhov tsawg kawg nkaus ntawm RSA yuam sij yog 2048 khoom, SHA-224, SHA-384, SHA512-224, SHA512-256, SHA3-224 thiab SHA3 hashes yog neeg xiam nyob rau hauv DRBG pseudo-random tooj generator -384.
  • Cov Cai ntawm SELinux hloov kho kom txhawb nqa systemd-socket-proxyd.
  • Tus thawj tswj pob yum siv cov lus hais kom hloov kho offline los siv cov kev hloov tshiab rau lub kaw lus hauv hom offline. Lub ntsiab lus ntawm kev hloov tshiab offline yog thawj zaug, cov pob tshiab tau rub tawm siv "yum offline-upgrade download" hais kom ua, tom qab ntawd "yum offline-upgrade reboot" hais kom ua kom rov pib lub kaw lus rau hauv ib puag ncig tsawg thiab nruab qhov hloov tshiab uas twb muaj lawm. hauv nws yam tsis muaj kev cuam tshuam nrog cov txheej txheem ua haujlwm. Tom qab lub installation ntawm kev hloov tshiab tiav, lub kaw lus reboots rau hauv ib qho chaw ua hauj lwm ib txwm. Thaum rub tawm pob ntawv rau kev hloov tshiab offline, koj tuaj yeem siv cov ntxaij lim dej, piv txwv li, "--advisory", "--security", "--bugfix".
  • Ib pob tshiab synce4l tau ntxiv los ua kom zoo dua ntawm SyncE (Synchronous Ethernet) zaus synchronization technology, txhawb nqa hauv qee daim npav network thiab network keyboards, thiab tso cai rau kev sib txuas lus zoo dua hauv RAN (Xov tooj cua Access Network) daim ntawv thov vim yog lub sijhawm synchronization ntau dua.
  • Cov ntaub ntawv teeb tsa tshiab /etc/fapolicyd/rpm-filter.conf tau ntxiv rau hauv fapolicyd (File Access Policy Daemon) lub moj khaum, uas tso cai rau koj los txiav txim siab seb cov kev pab cuam twg tuaj yeem tsim los ntawm ib tus neeg siv tshwj xeeb thiab uas tsis tuaj yeem, los teeb tsa cov npe ntawm cov ntaub ntawv database rau RPM pob tus thawj tswj uas tau ua tiav fapolicyd. Piv txwv li, cov ntaub ntawv teeb tsa tshiab tuaj yeem siv los tshem tawm cov ntawv thov tshwj xeeb tau teeb tsa los ntawm RPM pob tus thawj tswj hwm los ntawm cov cai nkag.
  • Hauv lub kernel, thaum muab cov ntaub ntawv hais txog qhov dej nyab SYN uas pom tau rau hauv lub cav, cov ntaub ntawv hais txog qhov chaw nyob IP uas tau txais kev sib txuas tau muab los ua kom yooj yim rau kev txiav txim siab ntawm lub hom phiaj dej nyab ntawm cov kab ke nrog cov neeg ua haujlwm khi rau ntau yam. Kuv tus IP chaw nyob.
  • Ntxiv lub luag haujlwm tseem ceeb rau cov khoom siv podman, tso cai rau koj los tswj Podman chaw, ntim khoom, thiab cov kev pabcuam systemd uas khiav Podman ntim. Podman ntxiv kev txhawb nqa rau tsim cov xwm txheej tshawb xyuas, txuas cov neeg ua haujlwm ua ntej (/ usr / libexec / podman / pre-exec-hooks thiab /etc/containers/pre-exec-hooks), thiab siv Sigstore hom ntawv khaws cov ntawv kos npe nrog rau ntim cov duab.
  • Lub thawv-cov cuab yeej cuab tam rau kev tswj cov thawv cais tau raug kho tshiab, suav nrog cov pob khoom xws li Podman, Buildah, Skopeo, crun thiab runc.
  • Cov cuab yeej siv cuab yeej cuab tam tau ntxiv uas tso cai rau koj los tsim ib qho chaw sib cais ntxiv, uas tuaj yeem teeb tsa hauv txhua txoj kev siv tus thawj tswj pob DNF li niaj zaus. Tus tsim tawm tsuas yog yuav tsum tau khiav "toolbox tsim" hais kom ua, tom qab ntawd txhua lub sijhawm nws tuaj yeem nkag mus rau qhov chaw tsim nrog "toolbox enter" hais kom ua thiab nruab ib pob khoom siv yum utility.
  • Ntxiv kev txhawb nqa rau kev tsim cov duab hauv vhd hom siv hauv Microsoft Azure rau ARM64 architecture.
  • SSSD (System Security Services Daemon) tau ntxiv kev txhawb nqa rau kev hloov cov npe hauv tsev rau cov cim qis (ntawm kev siv "%h" hloov pauv hauv override_homedir tus cwj pwm tau teev tseg hauv /etc/sssd/sssd.conf). Tsis tas li ntawd, cov neeg siv tau tso cai hloov tus password khaws cia hauv LDAP (ua haujlwm los ntawm kev teeb tsa tus duab ntxoov ntxoo rau ldap_pwd_policy attribute hauv /etc/sssd/sssd.conf).
  • glibc siv qhov tshiab DSO dynamic linking sorting algorithm uas siv qhov tob-thawj kev tshawb nrhiav (DFS) los daws cov teeb meem kev ua haujlwm nrog cov kev vam meej. Txhawm rau xaiv DSO sorting algorithm, glibc.rtld.dynamic_sort = 2 parameter yog npaj, uas tuaj yeem teem rau "1" kom rov qab mus rau qhov qub algorithm.
  • Cov khoom siv rteval muab cov ntsiab lus qhia txog kev thauj khoom, xov, thiab CPUs siv los ua cov xov no.
  • Lub chaw siv hluav taws xob oslat tau ntxiv cov kev xaiv ntxiv rau kev ntsuas qeeb.
  • Ntxiv cov tsav tsheb tshiab rau SoC Intel Elkhart Lake, Solarflare Siena, NVIDIA sn2201, AMD SEV, AMD TDX, ACPI Video, Intel GVT-g rau KVM, HP iLO/iLO2.
  • Ntxiv kev sim txhawb rau Intel Arc discrete graphics phaib (DG2 / Alchemist). Txhawm rau pab kom kho vajtse nrawm nrawm ntawm daim npav video, koj yuav tsum qhia meej PCI ID ntawm daim npav ntawm khau raj ntawm cov ntsiav tsis "i915.force_probe=pci-id".
  • Lub inkscape pob inkscape1 tau hloov los ntawm inkscape1, uas siv Python 3. Cov Inkscape version tau hloov kho los ntawm 0.92 txog 1.0.
  • Hauv hom kiosk, koj tuaj yeem siv GNOME on-screen keyboard.
  • Lub tsev qiv ntawv libsoup thiab Evolution mail client tau ntxiv kev txhawb nqa rau kev lees paub hauv Microsoft Exchange Server siv NTLMv2 raws tu qauv.
  • GNOME muab lub peev xwm los hloov kho cov ntawv qhia zaub mov uas pom thaum koj nyem rau ntawm lub desktop. Tus neeg siv tam sim no tuaj yeem ntxiv cov khoom rau hauv cov ntawv qhia zaub mov kom khiav arbitrary commands.
  • GNOME tso cai rau kev kaw qhov kev hloov pauv virtualnyx rabochikh stolov los ntawm kev txav mus rau saum lossis nqis nrog peb tus ntiv tes ntawm lub touchpad.
  • Txuas ntxiv muab kev sim (Technology Preview) kev txhawb nqa rau AF_XDP, XDP hardware offloading, Multipath TCP (MPTCP), MPLS (Multi-protocol Label Switching), DSA (cov ntaub ntawv streaming accelerator), KTLS, dracut, kexec ceev reboot, nispor, DAX hauv ext4 thiab xfs, systemd-resolved, accel-config, igc, OverlayFS, Stratis, Software Guard Extensions (SGX), NVMe/TCP, DNSSEC, GNOME ntawm ARM64 thiab IBM Z systems, AMD SEV rau KVM, Intel vGPU, Toolbox.

Tau qhov twg los: opennet.ru

Yuav txhim khu kev qha hosting rau cov chaw nrog DDoS tiv thaiv, VPS VDS servers 🔥 Yuav lub vev xaib hosting txhim khu kev qha nrog kev tiv thaiv DDoS, VPS VDS servers | ProHoster