Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 8.8

Kutulutsidwa kwa kugawa kwa Red Hat Enterprise Linux 8.8

Kutsatira kutulutsidwa kwa Red Hat Enterprise Linux 9.2, zosintha kunthambi yam'mbuyomu ya Red Hat Enterprise Linux 8.8 zidasindikizidwa, zomwe zimathandizidwa ndi RHEL 9.x nthambi ndipo zizithandizidwa osachepera mpaka 2029. Kukhazikitsa kumapangidwira kwa x86_64, s390x (IBM System z), ppc64le ndi Aarch64 zomanga, koma zimapezeka kuti zitsitsidwe kwa ogwiritsa ntchito olembetsa a Red Hat Customer Portal (zithunzi za CentOS Stream 9 iso ndi RHEL zaulere zomangira opanga zingagwiritsidwenso ntchito). Magwero a Red Hat Enterprise Linux 8 rpm phukusi amagawidwa kudzera mu CentOS Git repository.

Kukonzekera kwatsopano kukuchitika motsatira ndondomeko ya chitukuko, zomwe zikutanthawuza kupangidwa kwa zotulutsidwa miyezi isanu ndi umodzi iliyonse pa nthawi yokonzedweratu. Mpaka chaka cha 2024, nthambi ya 8.x idzakhala yothandizira zonse, kutanthauza kuphatikizidwa kwa kusintha kwa ntchito, pambuyo pake idzasunthira kumalo okonzekera, momwe zinthu zofunika kwambiri zidzasinthira ku kukonza zolakwika ndi chitetezo, ndi kusintha kwazing'ono zokhudzana ndi kuthandizira. machitidwe ovuta a hardware.

Zosintha zazikulu:

  • Zosinthidwa seva ndi phukusi phukusi: nginx 1.22, Libreswan 4.9, OpenSCAP 1.3.7, Grafana 7.5.15, powertop rebased 2.15, tuned 2.20.0, NetworkManager 1.40.16, mod_security 2.9.6, samba 4.17.5.
  • Zolembazo zikuphatikiza mitundu yatsopano ya ophatikiza ndi zida za opanga: GCC Toolset 12, LLVM Toolset 15.0.7, Rust Toolset 1.66, Go Toolset 1.19.4, Python 3.11, Node.js 18.14, PostgreSQL 15, Git 2.39.1 Valgri. , SystemTap 3.19, Apache Tomcat 4.8.
  • Makonda a FIPS asinthidwa kuti akwaniritse zofunikira za FIPS 140-3 mulingo. 3DES, ECDH ndi FFDH ndizolephereka, kukula kochepa kwa makiyi a HMAC kumangokhala ma bits 112, ndipo kukula kochepa kwa makiyi a RSA ndi 2048 bits, SHA-224, SHA-384, SHA512-224, SHA512-256, SHA3-224 ndi ma SHA3 hashes ali olumala mu DRBG pseudo-random number jenereta -384.
  • Mfundo za SELinux zasinthidwa kuti zilole systemd-socket-proxyd kugwira ntchito.
  • Woyang'anira phukusi la yum amakhazikitsa lamulo lokweza osatsegula pa intaneti kuti agwiritse ntchito zosintha pamakina opanda intaneti. Chofunikira pakusintha kwapaintaneti ndikuti, choyamba, mapaketi atsopano amatsitsidwa pogwiritsa ntchito lamulo la "yum offline-upgrade download", kenako lamulo la "yum offline-upgrade reboot" limaperekedwa kuti ayambitsenso makinawo kukhala malo ochepa ndikuyika zosintha zomwe zilipo. mmenemo popanda kusokoneza ndondomeko za ntchito. Kuyika zosintha zikamalizidwa, makinawo amayambiranso kumalo ogwirira ntchito. Mukatsitsa zosintha zapaintaneti, mutha kugwiritsa ntchito zosefera, mwachitsanzo, "--advisory", "--security", "--bugfix".
  • Phukusi latsopano la synce4l lawonjezeredwa kuti ligwiritse ntchito ukadaulo wa SyncE (Synchronous Ethernet) wolumikizana pafupipafupi, wothandizidwa ndi makadi ena a netiweki ndi masinthidwe a netiweki, ndikulola kulumikizana bwino kwambiri mu mapulogalamu a RAN (Radio Access Network) chifukwa cha kulumikizana kolondola kwa nthawi.
  • Fayilo yatsopano yosinthira /etc/fapolicyd/rpm-filter.conf yawonjezeredwa ku ndondomeko ya fapolicyd (File Access Policy Daemon), yomwe imakupatsani mwayi wodziwa mapulogalamu omwe angayambitsidwe ndi wogwiritsa ntchito komanso omwe sangathe, kukonza mndandanda. Mafayilo a database a RPM package manager omwe amasinthidwa kukhala fapolicyd. Mwachitsanzo, fayilo yatsopano yosinthira ikhoza kugwiritsidwa ntchito kusaphatikiza mapulogalamu ena omwe adayikidwa kudzera pa woyang'anira phukusi la RPM ku mfundo zofikira.
  • Mu kernel, mukataya zambiri za kusefukira kwa SYN mu chipika, zambiri za adilesi ya IP yomwe idalumikizidwa imaperekedwa kuti zitheke kudziwa cholinga cha kusefukira kwamadzi pamakina omwe ali ndi othandizira omangika kumaadiresi osiyanasiyana a IP.
  • Onjezani ntchito yamakina a zida za podman, zomwe zimakupatsani mwayi kuti muzitha kuyang'anira zokonda za Podman, zotengera, ndi mautumiki a systemd omwe amayendetsa zotengera za Podman. Podman amawonjezera chithandizo pakupanga zochitika zowunikira, kulumikiza othandizira otsogolera (/usr/libexec/podman/pre-exec-hook ndi /etc/containers/pre-exec-hook), ndikugwiritsa ntchito mtundu wa Sigstore kusunga ma signature a digito zithunzi zotengera.
  • Zida zopangira zida zowongolera zotengera zakutali zasinthidwa, kuphatikiza mapaketi monga Podman, Buildah, Skopeo, crun ndi runc.
  • Chida cha bokosi lazida chawonjezeredwa chomwe chimakupatsani mwayi wotsegulira malo ena akutali, omwe amatha kukhazikitsidwa mwanjira iliyonse pogwiritsa ntchito manjala wa phukusi la DNF. Wopanga mapulogalamu amangofunika kuyendetsa lamulo la "Toolbox create", pambuyo pake nthawi iliyonse akhoza kulowa malo omwe adalengedwa ndi lamulo la "Toolbox enter" ndikuyika phukusi lililonse pogwiritsa ntchito yum utility.
  • Thandizo lowonjezera pakupanga zithunzi mumtundu wa vhd womwe umagwiritsidwa ntchito mu Microsoft Azure pamapangidwe a ARM64.
  • SSSD (System Security Services Daemon) yawonjezera chithandizo chosinthira mayina achikwatu apanyumba kukhala zilembo zazing'ono (kudzera kugwiritsa ntchito "%h" m'malo mwa override_homedir otchulidwa mu /etc/sssd/sssd.conf). Kuphatikiza apo, ogwiritsa ntchito amaloledwa kusintha mawu achinsinsi osungidwa mu LDAP (othandizidwa mwa kukhazikitsa mtengo wamthunzi wa ldap_pwd_policy chikhalidwe mu /etc/sssd/sssd.conf).
  • glibc imagwiritsa ntchito njira yatsopano yolumikizira yolumikizira ya DSO yomwe imagwiritsa ntchito kufufuza kozama koyamba (DFS) kuthana ndi zovuta za magwiridwe antchito ndi kudalira kwa looping. Kuti musankhe algorithm yosankha ya DSO, gawo la glibc.rtld.dynamic_sort=2 likukonzedwa, lomwe lingakhazikitsidwe ku "1" kuti libwerere ku algorithm yakale.
  • The rteval utility imapereka chidule chazochulukira pulogalamu, ulusi, ndi ma CPU omwe amagwiritsidwa ntchito popanga ulusiwo.
  • Ntchito ya oslat yawonjezera njira zowonjezera zoyezera kuchedwa.
  • Onjezani madalaivala atsopano a SoC Intel Elkhart Lake, Solarflare Siena, NVIDIA sn2201, AMD SEV, AMD TDX, ACPI Video, Intel GVT-g ya KVM, HP iLO/iLO2.
  • Kuthandizira koyeserera kwamakadi ojambula a Intel Arc discrete (DG2/Alchemist). Kuti muwongolere kuthamanga kwa hardware pa makadi oterowo, muyenera kufotokozera PCI ID ya khadi pa boot kudzera pa kernel parameter "i915.force_probe=pci-id".
  • Phukusi la inkscape la inkscape1 lasinthidwa ndi inkscape1, yomwe imagwiritsa ntchito Python 3. Mtundu wa Inkscape wasinthidwa kuchokera ku 0.92 mpaka 1.0.
  • Mu mawonekedwe a kiosk, mutha kugwiritsa ntchito kiyibodi ya GNOME pa skrini.
  • Laibulale ya libsoup ndi kasitomala wamakalata a Evolution awonjezera chithandizo cha kutsimikizika mu Microsoft Exchange Server pogwiritsa ntchito protocol ya NTLMv2.
  • GNOME imapereka mwayi wosintha makonda omwe akuwonetsedwa mukadina kumanja pa desktop. Wogwiritsa ntchito tsopano atha kuwonjezera zinthu pazosankha kuti ayendetse malamulo osagwirizana.
  • GNOME imakupatsani mwayi woletsa kusintha ma desktops posunthira mmwamba kapena pansi ndi zala zitatu pa touchpad.
  • Kupitiliza kupereka zoyeserera (Technology Preview) zothandizira AF_XDP, XDP kutsitsa kwa hardware, Multipath TCP (MPTCP), MPLS (Multi-protocol Label Switching), DSA (data streaming accelerator), KTLS, dracut, kexec fast reboot, nispor, DAX mu ext4 ndi xfs, systemd-resolved, accel-config, igc, OverlayFS, Stratis, Software Guard Extensions (SGX), NVMe/TCP, DNSSEC, GNOME pa ARM64 ndi IBM Z machitidwe, AMD SEV ya KVM, Intel vGPU, Toolbox.

Source: opennet.ru

Kuwonjezera ndemanga