ProHoster > Blog > internet nhau > Kuburitswa kweRed Hat Enterprise Linux 8.8 kugovera

Kuburitswa kweRed Hat Enterprise Linux 8.8 kugovera

Zvichitevera kuburitswa kweRed Hat Enterprise Linux 9.2, imwe gadziriso kubazi rekare reRed Hat Enterprise Linux 8.8 yaburitswa, iyo inoperekedzwa mukufambirana nebazi reRHEL 9.x uye ichatsigirwa kusvika zvinosvika 2029. Kuiswa kwekuvaka kwakagadzirirwa iyo x86_64, s390x (IBM System z), ppc64le uye Aarch64 architecture, asi anowanikwa kuti atore pasi chete kune vakanyoreswa vashandisi veRed Hat Mutengi Portal (CentOS Stream 9 iso mifananidzo uye yemahara RHEL inovaka kune vanogadzira inogona zvakare kuwanikwa. kushandiswa). Red Hat Enterprise Linux 8 rpm mapakeji anogoverwa kuburikidza neCentOS Git repository.

Kugadzirira kuburitswa kutsva kunoitwa zvinoenderana neiyo denderedzwa yekuvandudza, iyo inoreva kuumbwa kwekuburitswa mwedzi mitanhatu yega yega panguva yakatarwa. Kusvika 2024, bazi re8.x richange riri muchikamu chekutsigira chakazara, icho chinosanganisira kuisirwa kwekuvandudzwa kwebasa, mushure mezvo chinozoenda muchikamu chekugadzirisa, umo izvo zvinonyanya kukosha zvichachinja kune kugadzirisa kwebug uye kuchengetedzeka, nekuvandudzwa kudiki kune hukama. kutsigira zvakakosha hardware masisitimu.

Kuchinja kukuru:

  • Yakagadziridzwa sevha uye system mapakeji: nginx 1.22, Libreswan 4.9, OpenSCAP 1.3.7, Grafana 7.5.15, powertop rebased 2.15, tuned 2.20.0, NetworkManager 1.40.16, mod_security 2.9.6, samba 4.17.5.
  • Shanduro itsva dzemakongiresi uye maturusi ekuvandudza aisanganisira: GCC Toolset 12, LLVM Toolset 15.0.7, Rust Toolset 1.66, Go Toolset 1.19.4, Python 3.11, Node.js 18.14, PostgreSQL 15, Git 2.39.1nd Tap.3.19. , Apache Tomcat 4.8.
  • FIPS modhi marongero achinjwa kuti aenderane neFIPS 140-3 mwero. Yakaremara 3DES, ECDH neFFDH, diki HMAC kiyi saizi inogumira ku112 bits, uye RSA makiyi anoganhurirwa ku2048 bits, akaremara SHA-224, SHA-384, SHA512-224, SHA512-256, SHA3-224 uye SHA3B hashe pseudo-random nhamba jenareta -384.
  • Yakagadziridzwa SELinux mitemo yekutsigira systemd-socket-proxyd.
  • Iyo yum package maneja inoshandisa iyo offline-upgrade command yekushandisa zvigadziriso kune system offline. Chakakosha cheiyo offline update ndechekuti kutanga, mapakeji matsva anotorwa ne "yum offline-upgrade download", mushure mezvo "yum offline-upgrade reboot" murairo unoitwa kuti utangezve sisitimu munzvimbo shoma uye nekuisa iripo. inogadziridza mairi pasina kukanganisa maitiro evashandi. Mushure mekugadzwa kwezvigadziriso kwapera, sisitimu inotangazve munzvimbo yakajairika yekushanda. Paunenge uchidhawunirodha mapakeji ekuvandudza pasina Indaneti, unogona kuisa mafirita, semuenzaniso, "--advisory", "--security", "--bugfix".
  • A new synce4l package yakawedzerwa kushandisa SyncE (Synchronous Ethernet) frequency synchronization tekinoroji inotsigirwa mune mamwe makadhi etiweki uye network switch, iyo inogona kuvandudza kugona kwekutaurirana muRAN (Radio Access Network) zvikumbiro nekuda kwekunyatsoenderana nguva.
  • Iyo nyowani yekumisikidza faira /etc/fapolicyd/rpm-filter.conf yakawedzerwa kune iyo fapolicyd (File Access Policy Daemon) hurongwa, iyo inokutendera kuti uone kuti ndeapi mapurogiramu anogona kuitiswa nemumwe mushandisi uye izvo zvisingakwanisi, kugadzirisa rondedzero. yemafaira kubva kudhatabhesi yeRPM package maneja anogadzirisa fapolicyd. Semuenzaniso, faira nyowani yekumisikidza inogona kushandiswa kusabvisa maapplication ega ega akaisirwa kuburikidza neRPM package maneja kubva kumitemo yekuwana.
  • Mu kernel, kana uchirasa ruzivo nezve yakaonekwa mafashama murogi, ruzivo nezve IP kero yakagamuchira chinongedzo inopihwa kurerutsa chinangwa chekufashama pane masisitimu ane vanobata akasungwa kune akasiyana IP kero.
  • Yakawedzera basa rehurongwa kune podman toolkit kubata Podman marongero, midziyo, uye systemd masevhisi anomhanyisa Podman midziyo. Podman akawedzera rutsigiro rwekugadzira zviitiko zvekuongorora, kubatanidza pre-launch hooks (/usr/libexec/podman/pre-exec-hook uye /etc/containers/pre-exec-hook), uye kushandisa iyo Sigstore fomati kuchengetedza masiginecha edhijitari pamwe chete. nemifananidzo yemidziyo.
  • Yakagadziridzwa midziyo-zvishandiso zvekutarisira midziyo yakasarudzika, kusanganisira mapakeji akadai sePodman, Buildah, Skopeo, crun uye runc.
  • Chishandiso chebhokisi rekushandisa chakawedzerwa chinokutendera kuti utange imwe nzvimbo yakasarudzika, iyo inogona kurongwa zvisina tsarukano uchishandisa yakajairwa DNF package maneja. Mugadziri anongoda kuita iyo "toolbox gadzira" murairo, mushure mezvo chero nguva anogona kupinda munzvimbo yakagadzirwa ne "toolbox pinda" kuraira uye kuisa chero mapakeji uchishandisa iyo yum utility.
  • Yakawedzera tsigiro yevhd imaging inoshandiswa muMicrosoft Azure yeArM64 architecture.
  • SSSD (System Security Services Daemon) yakawedzera tsigiro yemazita edhairekitori edzimba madiki (ichishandisa "%h" inotsiva mune override_homedir hunhu hunotsanangurwa mukati /etc/sssd/sssd.conf). Mukuwedzera, vashandisi vanobvumirwa kushandura password yakachengetwa muLDAP (inogoneswa nekuisa ldap_pwd_policy hunhu kumumvuri mu /etc/sssd/sssd.conf).
  • glibc inoshandisa itsva yekuronga algorithm yeDSO ine simba yekubatanidza iyo inoshandisa yakadzama-yekutanga yekutsvaga (DFS) nzira yekugadzirisa nyaya dzekuita mukubata kutsamira kwakapetwa. Kuti usarudze algorithm yeDSO, glibc.rtld.dynamic_sort=2 parameter inorongwa, iyo inogona kupihwa kukosha "1" kudzosera kumashure kune yekare algorithm.
  • Iyo rteval utility inopa pfupiso ruzivo nezve kurodha chirongwa, shinda, uye CPU inobatanidzwa mukuita idzo tambo.
  • Zvimwe zvingasarudzwa zvakawedzerwa kune oslat utility yekuyera latency.
  • Yakawedzera vatyairi vatsva veSoC Intel Elkhart Lake, Solarflare Siena, NVIDIA sn2201, AMD SEV, AMD TDX, ACPI Vhidhiyo, Intel GVT-g yeKVM, HP iLO/iLO2.
  • Yakawedzera kuyedza rutsigiro rwe discrete Intel Arc makadhi emifananidzo (DG2/Alchemist). Kugonesa kumhanyisa hardware pamakadhi evhidhiyo akadaro, tsanangura PCI ID yekadhi panguva yebhutsu kuburikidza ne "i915.force_probe=pci-id" kernel parameter.
  • Iyo inkscape package inkscape1 yakatsiviwa ne inkscape1, inoshandisa Python 3. Shanduro yeInkscape yakagadziridzwa kubva 0.92 kusvika 1.0.
  • Kiosk modhi inopa kugona kushandisa iyo GNOME On-Screen Keyboard.
  • Libsoup raibhurari uye Evolution mail mutengi akawedzera rutsigiro rwechokwadi muMicrosoft Exchange Server uchishandisa iyo NTLMv2 protocol.
  • GNOME inopa kugona kugadzirisa menyu yemukati inoratidzwa paunodzvanya-kurudyi padesktop. Mushandisi anogona ikozvino kuwedzera zvinhu kumenyu kuti aite zvisina tsarukano mirairo.
  • GNOME inobvumidza iwe kudzima kushandura chaiwo desktops nekutsvaira kumusoro kana pasi neminwe mitatu pane touchpad.
  • Kuenderera mberi nekupa kuyedza (Tekinoroji Preview) rutsigiro rweAF_XDP, XDP hardware kuburitsa, Multipath TCP (MPTCP), MPLS (Multi-protocol Label Switching), DSA (data streaming accelerator), KTLS, dracut, kexec fast reboot, nispor, DAX mu ext4 uye xfs, systemd-yakagadziriswa, accel-config, igc, OverlayFS, Stratis, Software Guard Extensions (SGX), NVMe/TCP, DNSSEC, GNOME paARM64 uye IBM Z masisitimu, AMD SEV yeKVM, Intel vGPU, Toolbox.

Source: opennet.ru

Voeg