May 7, 2024

Red Hat Enterprise Linux 9.4 is out. RHEL 9.4

What's new in Red Hat Enterprise Linux 9.4 innovates with advanced security, identity management and system roles, elevating performance for modern, complex IT infrastructures.

RHEL9.4

Red Hat recently announced the general release of Red Hat Enterprise Linux (RHEL) 9.4, the latest release in the Red Hat Enterprise Linux 9 operating system series. Red Hat Enterprise Linux, commonly known as RHEL, is an enterprise operating system widely recognized, designed to provide robustness and stability in various computing environments, including physical servers, virtual machines and hybrid clouds. This update brings with it a series of new features and improvements that promise to further enhance Red Hat's already comprehensive suite of enterprise solutions, especially designed for optimizing hybrid cloud environments. The innovations included in RHEL 9.4 aim to improve security, resource management and compatibility, making it an even more effective and reliable tool for enterprise IT infrastructures.

What's new in Red Hat Enterprise 9.4

Red Hat Enterprise Linux 9.4 (RHEL 9.4) features significant updates focused on developer needs, including the latest versions of programming languages, databases and development tools. These updates reflect Red Hat's commitment to providing cutting-edge, easily accessible technologies for the developer ecosystem.

Programming languages

Python 3.12

The new version of Python, Python 3.12, is now available in RHEL 9.4 and in the ubi9/python-312 package. Among the most relevant news:

  • Introducing a new declaration type and syntax for parameters in generic classes and functions.
  • A new pre-interpreter for Global Interpreter Lock (GIL), which aims to improve threading performance.
  • Replacing the hashlib implementations for the SHA1, SHA3, SHA2-384, SHA2-512, and MD5 cryptographic algorithms with formally verified code from the HACL project.

Ruby 3.3

Ruby 3.3 brings with it significant improvements, including:

  • The new Prism parser: a recursive, portable, error-tolerant, and easier to maintain parser.
  • Optimizations in the regular expression matching algorithm to mitigate risks of denial of service (ReDoS) vulnerabilities.

PHP 8.2

Innovations in PHP 8.2 include:

  • Introducing a new Random extension that organizes and consolidates existing random number generation capabilities in PHP.
  • Introducing new standalone data types such as null, false, and true.

Database

MariaDB 10.11

The updated version of MariaDB offers new features, including:

  • Introduction of the new sys_schema function.
  • New GRANT…TO PUBLIC privileges, separating SUPER and READ ONLY ADMIN privileges.
  • Support for the new UUID data type in databases.
  • Added support for Secure Socket Layer (SSL) version 3, making it easier to properly configure SSL on MariaDB servers.

PostgreSQL 16

Among the new features of PostgreSQL 16 on RHEL 9.4 we find:

  • libpq library support for connection-level load balancing via the load_balance_hosts option.
  • Improved support for regular expression matching in database entries and roles in the pg_hba.conf file.

Red Hat Enterprise Linux 9.4 (RHEL 9.4) is enhanced with the latest versions of toolsets and compilers, including Go 1.21, Rust 1.75, and LLVM 17, enabling developers to accelerate innovation, streamline operations, and modernize their applications using the most advanced technologies.

Go 1.21

With the release of RHEL 9.4, version 1.21 of the Go compiler was introduced. Key new features include:

  • Three new built-in functions: min, max and clear, designed to improve development.
  • Official support for Profile-Driven Optimization (PGO), which improves overall performance.
  • Better support for backward and forward compatibility in the Go toolchain.
  • Improvements in type inference, increasing power and accuracy.
  • More defined packet initialization order.

Rest 1.75

Rust has been updated to version 1.75 in RHEL 9.4, introducing important new features:

  • Constant evaluation time is now unlimited, allowing the compiler to process more complex expressions during compilation.
  • Improvements to panic and assertion messages to make them more readable.
  • Cargo now supports authentication to private registries for all operations, not just publishing, making it easier to securely host crates.
  • Ability for developers to write traits with async fn methods and opaque return types (impl Trait).
  • APIs stabilized in the release include Atomic*::from_ptr, FileTimes, FileTimesExt, File::set_modified, File::set_times, and IpAddr::to_canonical.

LLVM 17

LLVM has been updated to version 17 in RHEL 9.4. Significant changes include:

  • Introduction of the nofpclass attribute, which allows further optimizations when comparing special floating-point values.
  • Removing the constant select expression.
  • Deleted the old optimization pipeline (PassManagerBuilder.h).
  • Added a new FatLTO pipeline, which supports the generation of object files containing both machine code and LTO-compatible bitcode.

Red Hat Enterprise Linux 9.4 (RHEL 9.4) features important new features in terms of security and compliance, improving control of security policies both in the deployment of new systems and in the management of existing infrastructure.

Security and Compliance

Among the significant changes in RHEL 9.4, we find:

  • You can set additional Message Authentication Codes (MAC) options for SSH in system crypto-policies, giving you more granular control over MACs in SSH policies.
  • OpenSSH has been updated to set a maximum limit on the delay in reauthentication after an initial authentication failure, introduced to prevent user enumeration attacks.
  • Updates to OpenSSL allow you to configure provider-specific configurations without modifying the main OpenSSL configuration file, adding an additional layer of security.
  • Passkey authentication enables passwordless, multi-factor authentication (MFA) with FIDO2-compliant passkey for centrally managed users.

Red Hat Enterprise Linux for Edge

RHEL 9.4 supports creating FIPS-enabled RHEL for Edge images using image builder. Features and supported image types include:

  • Edge installer
  • Edge-simplified-installer
  • Edge-raw-image
  • Edge-love
  • Edge-vsphere

Red Hat Enterprise Linux for Containers

RHEL 9.4 introduces significant updates to container management and security:

  • Podman 4.9:
    • Using Podman to load modules on demand via command podman --module <nome_del_tuo_modulo> and overwrite system and user configuration files.
    • The new command podman farm with create, set, remove and update subcommands allows distributed builds on machines running Podman for different architectures.
    • The command podman build now supports Containerfiles with HereDoc syntax, simplifying Containerfiles and reducing image layers.
    • The commands podman machine init e podman machine set support a new option --usb, which allows USB pass-through for the QEMU provider.
    • Podman's RESTful APIs display information about the progress of image push or pull operations to the registry.
    • The new command podman-compose runs Compose workloads using external providers such as Docker Compose.
    • Updated container tools RPM metapackages with Podman, Buildah, Skopeo, crun, and runc are now available.
    • SQLite replaces BoltDB as the default Podman database for new installations, improving configuration resilience, especially during abnormal terminations.
    • The gvisor-tap-vsock package is now available as an alternative to libslirp and VPNKit, offering features such as configurable DNS and dynamic port forwarding.

Red Hat Enterprise Linux 9.4 (RHEL 9.4) introduces new Identity Management (IdM) features and improvements, as well as new features for system roles.

Identity Management in RHEL 9.4

What's new in identity management includes:

  • Improvements that allow existing IdM users to associate with external identity providers (IdPs) that support the OAuth2 device authorization flow. Among the IdPs included we find the Red Hat version of Keycloak, Azure Entra ID, GitHub, Google and Facebook.
  • The package update ipa version 4.11 introduces:
    • Support for FIDO2 based passkeys.
    • A context manager for iplib.api to set up, connect and disconnect automatically.
    • Support in Ansible modules for idoverrideuser, idoverridegroup, and idview.
  • Users can enable and configure passwordless authentication in SSSD to use a FIDO2 specification compliant biometric device, such as YubiKey.

Red Hat Enterprise Linux System Roles

RHEL 9.4 introduces new features for system roles, detailed below:

  • Microsoft SQL Server System Role: Now supports automation of SQL Server 2022 installation and configuration.
  • ad_integration System Role: Now supports configuring dynamic DNS update options.
  • Management of shared LVM devices: Using the storage system role to create shared logical volumes and volume groups.
  • Storage System Role: Now supports LVM snapshot management.
  • Nmstate API and Network System Role: Now support the following new route types:
    • Blackhole
    • Prohibition
    • Unreachable
  • PostgreSQL System Role: Now supports PostgreSQL 16.
  • System Role ha_cluster: Now includes new features such as:
    • Configuring fencing levels, allowing the cluster to use multiple devices to isolate nodes.
    • Configuring node attributes.

Conclusion

With the introduction of Red Hat Enterprise Linux 9.4 (RHEL 9.4), Red Hat continues to demonstrate its commitment to offering a robust, versatile, and best-in-class platform for the modern enterprise. This latest release not only strengthens security and compliance capabilities, facilitating more secure and controlled management of IT infrastructure, but also extends its capabilities with significant updates in system roles and identity management.

The update to RHEL 9.4 enables better integration with external identity providers, supporting modern and secure authentication flows that adapt to the needs of an increasingly distributed and mobile work environment. The ability to use FIDO2 compliant biometric devices for passwordless authentication not only improves security but also elevates usability and accessibility.

Additionally, new system role capabilities introduce automation and flexibility into critical tasks such as configuring and managing databases and SQL servers, upgrading network infrastructures, and managing storage. This modular and highly configurable approach to system roles simplifies the daily operations of IT administrators and reduces the risk of manual errors, contributing to more efficient management of resources.

RHEL 9.4 not only addresses the growing security, scalability and performance needs of modern enterprises, but also provides the tools to innovate and modernize existing infrastructure, supporting the continued evolution of the enterprise technology landscape. With each new release, Red Hat establishes itself as a key technology partner for organizations aiming to remain competitive in an increasingly digitalized world.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.

0256569681

Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.

INFORMATION

Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat®, RHEL®, RedHat Linux®, and CentOS®; AlmaLinux™ is a trademark of AlmaLinux OS Foundation; Rocky Linux® is a registered trademark of the Rocky Linux Foundation; SUSE® is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu®; Software in the Public Interest, Inc. holds the rights to Debian®; Linus Torvalds holds the rights to Linux®; FreeBSD® is a registered trademark of The FreeBSD Foundation; NetBSD® is a registered trademark of The NetBSD Foundation; OpenBSD® is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle®, MySQL®, and MyRocks®; Percona® is a registered trademark of Percona LLC; MariaDB® is a registered trademark of MariaDB Corporation Ab; REDIS® is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX® and NGINX Plus®; Varnish® is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento®; PrestaShop® is a registered trademark of PrestaShop SA; OpenCart® is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress®, WooCommerce®, and JetPack®; Open Source Matters, Inc. owns the rights to Joomla®; Dries Buytaert holds the rights to Drupal®. Amazon Web Services, Inc. holds the rights to AWS®; Google LLC holds the rights to Google Cloud™ and Chrome™; Microsoft Corporation holds the rights to Microsoft®, Azure®, and Internet Explorer®; Mozilla Foundation owns the rights to Firefox®. Apache® is a registered trademark of The Apache Software Foundation; PHP® is a registered trademark of the PHP Group. CloudFlare® is a registered trademark of Cloudflare, Inc.; NETSCOUT® is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch®, LogStash®, and Kibana® are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner®; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel®, LLC owns the rights to cPanel®; Plesk® is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook®. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER® is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

Back to top