Red Hat Enterprise Linux 8.7 arrives

If RHEL is at the heart of your business, then this latest upgrade might be just what you need.
Written by Steven Vaughan-Nichols, Senior Contributing Editor
People walking by red hat on the wall.
Image: RedHat

If you haven't switched over to the Red Hat Enterprise Linux (RHEL) 9 family, and your company lives and dies with RHEL, then chances are you're running RHEL 8.x. If that's you, pay attention because the latest version, RHEL 8.7, has just arrived at a download site near you

Why make a move at all? It's not like RHEL 8.6 is going to fall apart on you. That's true, but the latest RHEL does come with bigger, better security features. And, unless you've been hiding your head in the sand for the last few years, you know security attacks are happening more than ever.

Also: Linux devices 'increasingly' targeted by hackers

Specifically, Red Hat is implementing new built-in authentication and security features. These are:

  • RHEL identity access management (IAM) now incorporates new Ansible, Red Hat's DevOps program, tooling to configure smart card authentication across their entire business.  
  • RHEL also now supports third-party IAM services. These include Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and others. Of course, RHEL has long supported Active Directory (AD) as a third-party IAM resource.

Red Hat is also improving its Software Bill of Materials (SBOM) with Secure Software Supply Chain methodologies. Red Hat did this by adopting Sigstore, the well-regarded open-source software signing service for its build pipelines and tools. This makes RHEL and the programs built within it much more trustworthy. 

The company is also incorporating Sigstore into its Podman, its Open Containers Initiative (OCI) rival to Docker. Since Podman works natively with Kubernetes, the incredibly popular cloud orchestration tool, it's become very popular in its own right. 

If securing your software isn't reason enough for you, keep in mind that SBOMs are now required by government regulation and presidential decree. SBOMs are not just a good idea; they're the law.

Also: Linux is not just for developers and command line pros

In addition, RHEL's Network Security Services (NSS) libraries now require all RSA secure keys to be at least 1023 bits. This, perforce, makes all your encrypted keys stronger.

Beyond these, and other minor, security fixes, RHEL has also moved to a new Linux kernel. It now runs with the 4.18.0-425 kernel version.

Of course, the new RHEL also includes the latest coding tools, container tools, computer languages, compilers, open-source databases, and web and cache servers. It wouldn't be an RHEL release without them. These include:

  • GCC-toolset 12, and the GCC 12 compiler.
  • New Rust-toolset, LLVM-toolset, and Go-toolset updates.
  • Ruby 3.1, Maven 3.8. .NET 7, and Node.js 18. 
  • Mercurial 6.2, the newest Mercurial distributed source control management tool.

RHEL also includes Application Streams. With each of these, your programmers can use different versions of software. This allows the user to use whichever version best suits their needs. These user-space components are delivered and updated more frequently than the core operating system packages. 

Your developers will be thrilled to see these ready to run in their toolchains.

Finally, it's easier than ever to upgrade from one version of RHEL to the next. Leapp, Red Hat's upgrade tool, now supports in-place upgrades for two two-year Extended Update Support (EUS) periods. So, for example, you can easily shift from RHEL 7.9 to 8.4 or 8.6, 8.6 to 9.0. This gives you two years to understand and plan for your upgrades. The related tool, Convert2RHEL, also now supports similar upgrades from CentOS Linux to RHEL updates. For instance, from CentOS Linux 7.9 to RHEL 7.9 and from CentOS Linux 8.4 to RHEL 8.4.

Taken all-in-all, RHEL 8.7 is an impressive step forward for RHEL users. I'd give serious consideration to moving to it sooner rather than later. The Sigstore support alone makes it a top upgrade priority in my book.

Related Stories:

Editorial standards