Oracle Linux 8 Released With TLS 1.3

Oracle Linux
Oracle Linux

Oracle Linux is a Linux distribution packaged and freely distributed by Oracle.

It is compiled from Red Hat Enterprise Linux (RHEL) source code, replacing Red Hat branding with Oracle’s. It is also used by Oracle Cloud and Oracle Engineered Systems such as Oracle Exadata and others.

Oracle Linux 8 Released With TLS 1.3 and introduces numerous enhancements and add new features as follows.

Application Streams

  • Oracle Linux 8 introduces the concept of Application Streams, where multiple versions of user space components can be delivered and updated more frequently than the core operating system packages.
  • Application Streams contain the necessary system components and a range of applications that were previously distributed in Software Collections, as well as other products and programs.
  • A list of Application Streams supported on Oracle Linux 8 is available here.

System Management

  • Dandified Yum, a new version of the yum tool based on DNF technology, is a software package manager that installs, updates, and removes packages on RPM-based Linux distributions
  • Cockpit, an easy-to-use, lightweight and simple yet powerful remote manager for GNU/Linux servers, is an interactive server administration interface that offers a live Linux session via a web browser

RPM Improvements

Oracle Linux 8 ships with version 4.14 of RPM, which introduces many improvements and support for several new features

Installation, Boot and Image Creation

  • inst.addrepo=name boot parameter has been added to the installer. You can use this parameter to specify an additional repository during an installation.
  • By default, the Oracle Linux 8 installer uses the disk encryption specification LUKS2 (Linux Unified Key Setup 2) format.

Also Read – Run Kali Linux On Raspberry Pi 4

Kernel

  • The modinfo command has been updated to recognize and display signature information for modules that are signed with CMS and PKCS#7 formatted signatures
  • A set of kernel modules have been moved to the kernel-modules-extra package, which means none of these modules are installed by default; as a consequence, non-root users cannot load these components, as they are also blacklisted by default
  • Memory bus limits have been extended to 128 PiB of virtual address space and 4 PB of physical memory capacity. The I/O memory management unit (IOMMU) code in the Linux kernel is also updated to enable 5-level paging tables
  • The early kdump feature enables the crash kernel and initramfs to load early so that it can capture vmcore information, including early kernel crashes

Containers and Virtualization

  • New container tools: podman, buildah and skopeo, compatible with Open Container Initiative (OCI), are now available with the Oracle Linux 8. These tools can be used to manage the same Linux containers that are produced and managed by Docker and other compatible container engines.
  • Q35 machine type, support for KVM, which is a more modern PCI Express-based machine type, is now available for KVM
  • Additional information is included in KVM guest crash reports, which makes it easier to diagnose and fix problems when using KVM virtualization

Filesystem and Storage

  • Enhanced Device Mapper Multipathing
  • SCSI Multiqueue driver enables block layer performance to scale well with fast solid-state drives (SSDs) and multi-core systems
  • Stratis, an easy solution to manage local storage
  • XFS support for shared COW data extents, shared copy-on-write (COW) data extent functionality, whereby two or more files can share a common set of data blocks. This feature is similar to Copy on write (COW) functionality that is found in other file systems, where if either of the files that are sharing common blocks change, XFS breaks the link to those common blocks and then creates a new file

Identity Management

  • Several major identity management (IdM) features and enhancements, including session recording, enhanced Microsoft AD integration and new password syntax check
  • IdM server and client packages are distributed as a module; the IdM server module stream is called the DL1 stream and it contains multiple profiles (server, dns, adtrust, client, and default)

Networking

  • iptables network packet filtering framework has been replaced with nftables; the nftables framework includes packet classification facilities, several improvements and provides improved performance
  • iptables-translate and ip6tables-translate commands are now available to convert existing rules to their nftables equivalents, thereby facilitating the move to Oracle Linux 8
  • IPVLAN virtual network driver enables network connectivity for multiple containers by exposing a single MAC address to the local network
  • Networking, UDP, and TCP updated to release 4.18 with improved performance

Security

  • OpenSSH updated to release 7.8p1, enhancing access security
  • LUKS2 (Linux Unified Key Setup) is now the default format for encrypted volumes
  • OpenSCAP has been updated to the release 1.3.0 with improvements to the command-line interface as well as consolidation of OpenSCAP API have been addressed
  • SELinux now supports the map permission feature, to help prevent direct memory access to various file system objects and introduces new SELinux booleans
  • Transport Layer Security (TLS) 1.3 is enabled by default in major back-end cryptographic libraries
For the latest update about Cyber and Infosec World, follow us on Twitter, Facebook, Telegram , Instagram and subscribe to our YouTube Channel.

Subscribe to HackersOnlineClub via Email

Enter your Email address to receive notifications of Latest Posts by Email | Join over Million Followers

More from Priyanshu Sahay

Ubuntu 19.04 Released With Linux 5.0 Kernel And Support Raspberry Pi-3 Updates

Latest version of Ubuntu 19.04 (Disco Dong) Released Ubuntu 19.04 is based...
Read More

Leave a Reply