ProHoster > Блог > rongo ipurangi > Te tukunga o te tohatoha Red Hat Enterprise Linux 8.9

Te tukunga o te tohatoha Red Hat Enterprise Linux 8.9

Whai muri i te tukunga o Red Hat Enterprise Linux Kua whakaputaina te putanga 9.3, he whakahoutanga ki te peka o mua o Red Hat Enterprise. Linux 8.9, e puritia ana i te taha o te peka RHEL 9.x, ā, ka tautokona tae noa ki te tau 2029 pea. Kua whakaritea ngā hanganga tāutanga mō ngā hoahoa x86_64, s390x (IBM System z), ppc64le me Aarch64, engari e wātea ana hei tango mā ngā kaiwhakamahi rēhita o te Red Hat Customer Portal anake (ka taea hoki te whakamahi i ngā whakaahua ISO). CentOS (Rere 9 me ngā hanganga RHEL kore utu mō ngā kaiwhakawhanake).

Pērā i te peka RHEL 9, kāore te waehere pūtake mō ngā mōkihi RHEL 8 RPM e tohatohahia ana ki te marea mā te putunga Git. CentOS, engari ka noho tonu te urunga atu ki ngā kiritaki a te kamupene mā roto i tētahi wāhanga kati o te paetukutuku, e pā ana ki tētahi whakaaetanga kaiwhakamahi (EULA) e aukati ana i te tohatoha raraunga. Kei roto i te putunga raraunga te waehere pūtake CentOS Rere atu, engari kāore i te tino tukutahi ki a RHEL, ā, kāore i te mau tonu ngā putanga hou o ngā mōkihi e ōrite ana ki ērā o RHEL. Rocky Linux, kua mahi tahi a Oracle me SUSE, ā, kei te tāruatia inaianei te waehere pūtake o ngā mōkihi rpm tukunga RHEL hei wāhanga o te kaupapa OpenELA. AlmaLinux kua huri ki te whakamahi i te putunga raraunga CentOS Mā te awa ka taea te kite i ngā rerekētanga iti o te whanonga (tērā pea ka rerekē i te taumata o ngā papaki takitahi), engari ka mau tonu te hototahitanga rua i te taumata ABI.

Te whakarite i ngā tukunga hou o Red Hat Enterprise Linux E whai ana a 8.x i tētahi huringa whanaketanga me ngā tukunga i ia ono marama i ngā wā kua whakaritea. Tae noa ki te tau 2024, ka tautokona katoatia te peka 8.x, tae atu ki ngā whakapainga mahi. Muri iho, ka neke ki te tiaki, ka neke te arotahi ki ngā whakatikatika pepeke me te haumarutanga, me ngā whakapainga iti e pā ana ki te tautoko i ngā pūnaha taputapu nui.

Huringa matua:

  • Kei roto i te hanganga nga putanga hou o te hunga whakahiato me nga taputapu mo nga kaihanga: GCC Toolset 13, LLVM Toolset 16.0.6, Rust Toolset 1.71.1, Go Toolset 1.20.10, Node.js 20, Valgrind 3.21, SystemTap 4.9, elfutils 0.189, java-21. 17 -openjdk (java-11-openjdk, java-1.8.0-openjdk me java-XNUMX-openjdk kei te haere tonu te tuku).
  • Whakahoutia te tūmau me nga kohinga punaha: samba 4.18.4, 389-ds-base 1.4.3.35, OpenSCAP 1.3.8, Grafana 9.2.10, opencryptoki 3.21.0, iproute 6.2.0, libnftnl 1.2.2, makedumpfile 1.7.2 Podman 4.6.
  • Ko te tautoko mo te whakaoho i te aratau UEFI kua taapirihia ki nga whakaahua AMI mo nga taiao kapua AWS EC2.
  • Ko te tawhā "inst.wait_for_disks" kua taapirihia ki nga huihuinga whakaurunga, e tohu ana i te wa tatari mo te konae kickstart ki te uta, kia rite ranei nga kaitaraiwa i te wa e mahi ana.
  • I roto i ngā kōnae tīmatanga, kua tāpirihia ngā kōwhiringa hou "--ipv4-dns-search" me "--ipv6-dns-search" ki te whakahau whatunga hei whakatakoto i te kaupapa taketake доменов mō te tohutohu "rapu" i roto i te /etc/resolv.conf, me ngā kōwhiringa "--ipv4-ignore-auto-dns" me te "--ipv6-ignore-auto-dns" hei kore aro ki te tiki i ngā tautuhinga DNS mā te DHCP.
  • Hei whakangawari i nga raruraru patuiro, kua taapirihia e te ratonga fapolicyd te tuku tau ture mo nga waea kua paopao ki te API fanotify.
  • ANSSI-BP-028 (French National Agency for the Security of Information Systems) kua whakahōuhia ki te putanga 2.0.
  • Ko te tautoko mo nga kaupapa FANOTIFY kua taapirihia ki nga taputapu arotake me nga mara fan_type (momo takahanga), fan_info (mohiohio e pa ana), sub_trust me obj_trust (nga taumata whakawhirinaki mo te kaupapa me te ahanoa o te huihuinga) kua tiakina ki te raarangi.
  • Kei a Postfix te kaha ki te tirotiro i ngā tuhinga DNS SRV hei whakatau i te kaihautū me te tauranga o tētahi tūmau mēra. tūmau, ka whakamahia mō te tuku karere. Ka taea te whakamahi i tēnei āhuatanga kua whakaarohia i roto i ngā hanganga e whakamahi ana i ngā ratonga me ngā tau tauranga whatunga kua tohaina hihiri hei tuku karere īmēra.
  • Kei te tautoko te tūmau FTP vsftpd i te whakamahinga o te kawa TLS 1.3.
  • Ka tāpirihia e te mōkihi tātari kapu he atekōkiri LF-ki-CRLF ka taea te huri i ngā pūāhua "\n" (raina whāngai) ki ngā pūāhua "\r\n" (whakahoki waka me te whāngai raina) mō ngā pūreretā e tautoko ana i te kōnae- mutu nga rarangi tukatuka "\r\n".
  • Kua whakareia te haumarutanga o nga tautuhinga ratonga nftables taunoa. Kei roto i te /etc/sysconfig/nftables/nat.nft he mekameka do_masquerade hou e arowhai ana i te taumata o te matapōkeretanga o nga tau tauranga puna hei whakaiti i te tupono o te whakaekenga Tauranga Tauranga (CVE-2021-3773).
  • Kei te tautoko a NetworkManager i te kōwhiringa "no-aaaa" i roto i te resolv.conf, e whakakore ana i ngā patai DNS mō ngā tuhinga AAAA (te taumira wāhitau IPv6 i runga i te ingoa kaihautū). Kei te tautoko inaianei te taputapu nm-cloud-setup i te whirihoranga AWS Red Hat Enterprise. Linux EC2 mā te whakamahi i ngā tohu IMDSv2 (Instance Metadata Service Putanga 2).
  • Hei whakamarumaru i nga whakaeke a Specter v2 e pa ana ki te whakatinanatanga o nga tohutohu, ko te AutoIBRS (Automatic Indirect Branch Restricted Speculation) kua taapirihia, ka tautokohia i roto i nga PTM AMD timata mai i te whanau EPYC 9004 Genoa.
  • Mai i te pūtake Linux I whakawhitihia e te putanga 6.2 te taraiwa Intel QAT me te tautoko mō ngā taputapu Intel Quick Assist Technology 401xx/402xx.
  • Kua taapirihia te kaha ki te tautuhi i tetahi UUID i te wa e hanga ana i te punaha konae GFS2 (kua taapirihia te whakahau "-U" ki te taputapu mkfs.gfs2).
  • Ka taapirihia e te FUSE3 te kaha ki te whakakore i te urunga whaiaronga me te kore e tango aunoa i nga tohu maunga e hono ana ki taua urunga.
  • Kua whakawhänuihia nga kaha mo nga tautau me nga punaha whakararu i te he: Kua taapirihia te tautoko mo te ararere kaupapa here ki nga kaihoko rauemi roopu IPaddr2 me IPsrcaddr. Ko te tautoko mo te EFS (Amazon Elastic File System) kua taapirihia ki te ocf:heartbeat:Filesystem agent. Kua taapirihia te tautoko mo te kawa SNMPv3 ki te kaihoko alert_snmp.sh.sample.
  • Kua taapirihia nga huringa ki a Glibc me nga arotautanga hei whakapai ake i nga mahi i runga i nga punaha me nga CPU Intel Xeon v5.
  • He tautoko katoa mo nga kaari whakairoiro Intel Arc A-Series (Alchemist, DG2 ranei).
  • Kua taapirihia he mahi punaha hei whakahaere me te whakauru i nga waeine systemd. Kua taapirihia he mahi punaha mo te whakauru, te whirihora, te whakahaere me te whakahaere i te PostgreSQL DBMS. Kua taapirihia he mahi a te punaha mo te kete taputapu keylime, e whakamaarama ana i te whirihoranga o te kairēhita Keylime me te kaitirotiro, whakamahia hei whakaū i te pono me te aro turuki tonu i te tika o te punaha o waho. Ko te tautoko mo te tautuhi, te whakarereke me te whakakore i nga ipset kua taapirihia ki te waahi o te punaha paahi ahi. Ko nga mahi a te punaha mo Podman, Kdump, Rokiroki me te Microsoft SQL Server kua whakawhānuihia.
  • He tautoko taapiri mo nga konae matua e whakamahia ana i NetworkManager ki te kapua-init.
  • Ka taapirihia e Podman te tautoko mo nga ipu kua kopaki ma te whakamahi i te zstd algorithm. Kua taapirihia te kaha ki te whakamahi Quadlets ki te whakaputa aunoa i nga ratonga punaha mai i nga whakaahuatanga ipu. He anga podmansh kua taapirihia, ka taea te whakamahi hei utu mo te /usr/bin/bash ki te timata i tetahi huihuinga kaiwhakamahi i roto i te ipu. Ko nga putanga whakahou o Podman, Buildah, Skopeo, crun me runc.
  • Kua taapirihia nga tawhā raina whakahau kernel hou: gather_data_sampling hei whakahaere i te aratau whakamarumaru ki nga whakaeke a te GDS (Kohikohia te Tauira Raraunga, Whakahekea ranei me te rdrand hei huna i te tautoko mo te ako RDRAND.
  • Kua whakawhānuihia te tautoko taputapu. Kua tāpirihia ngā taraiwa mō ngā taputapu whatunga Thunderbolt/USB4 (thunderbolt_net) me ngā urutau ahokore Broadcom 802.11 (brcmfmac) i tukuna mō ngā pūnaha ARM64. Kua tāpirihia ngā taraiwa mō ngā taputapu Nihokikorangi MediaTek, Microsoft Azure Network Adapter IB (mana_ib), Linux Atekōkiri Akomanga Ataata USB (uvc), AMD SoundWire (soundwire-amd), Aratau Rerekē DisplayPort (typec_displayport), Virtio-mem (virtio_mem). Tautoko whakapai ake mō ngā tukatuka Intel i runga i te hoahoanga iti o Meteor Lake.
  • Kua whakapumautia te tautoko a te kiritaki mo nga waahanga whakaahuru tohu tohu: Rekor (he rangitaki mo te penapena metadata kua whakamanahia me nga waitohu mamati) me Fulcio (he punaha o nga mana tohu (root CAs) e tuku tiwhikete wa poto).
  • Ko te whakarato tonu o te tautoko whakamatautau (Hangarau Arokite) mo te AF_XDP, te utaina taputapu XDP, Multipath TCP (MPTCP), MPLS (Multi-protocol Label Switching), DSA (whakatere rerenga raraunga), dracut, kexec fast reboot, nispor, DAX i ext4 me xfs, kua whakatauhia e te punaha, accel-config, igc, OverlayFS, Stratis, Toronga Kaitiaki Pūmanawa (SGX), NVMe/TCP, DNSSEC, GNOME i runga i nga punaha ARM64 me IBM Z, AMD SEV mo KVM, Intel vGPU, Pouaka Utauta.

Source: opennet.ru

Hokona te manaaki pono mo nga waahi me te tiaki DDoS, nga kaiwhakarato VPS VDS 🔥 Hokona he manaaki paetukutuku pono me te tiakitanga DDoS, ngā tūmau VPS VDS | ProHoster