Oracle Linux 9 Update 4 is generally available

May 6, 2024 | 4 minute read
Simon Coter
Director, Oracle Linux and Virtualization Product Management
Text Size 100%:

We are pleased to announce Oracle Linux 9 Update 4, the latest version of the premier enterprise operating system for distributed computing environments. Oracle Linux 9 Update 4 delivers on Oracle's commitment to open source and keeping Linux open and free while providing Enterprise Linux binary compatibility to help ensure applications run without disruption. Oracle Linux sources, binaries, ISOs, and errata remain unrestricted and freely available from the Oracle Linux yum server.

Oracle Linux 9 Update 4 for the 64-bit Intel and AMD (x86_64) and 64-bit Arm (aarch64) platforms is now generally available. This release is application binary compatible with the corresponding Red Hat Enterprise Linux 9 Update 4 and is packaged with the following kernel options:

  • Unbreakable Enterprise Kernel (UEK) Release 7 Update 2, 5.15.0-205.149.5.1 for both x86_64 and aarch64 platforms
  • Red Hat Compatible Kernel (RHCK), 5.14.0-427 for x86_64 platform

What's New

Dynamic Programming Languages, Web and Database Servers

The following features, enhancements, and changes related to programming languages, web and database servers have been introduced in Oracle Linux 9 Update 4:

  • Python 3.12
    • Note that the Python 3.12 series packages can be installed in parallel with Python 3.9 and Python 3.11 on the same system.
  • Ruby 3.3.0 is included in a new ruby:3.3 module stream

  • PHP 8.2 is included in the new php:8.2 module stream

  • NGINX 1.24 web and proxy server is included in the new nginx:1.24 module stream
  • PostgreSQL 16 is available for use as a postgresql:16 module stream and contains many new features and enhancements
  • Git version 2.43
  • Updated GCC Toolset 13
  • Performance Co-Pilot has been updated to version 6.2.0
  • cmake Updated to Version 3.26
  • LLVM Toolset updated to version 17.0.6
  • Rust Toolset updated to version 1.75.0
  • Go Toolset updated to version 1.21.0

Security

Oracle Linux 9 Update 4 adds new rules to the SELinux policy that confine the following systemd services to running in SELinux enforcing mode:

  • nvme-stas

  • realmd

This release includes updated OpenSSL that uses the "fips.so" shared library as a FIPS provider. With this update, the latest version of the library, which has been submitted to the National Institute of Standards and Technology (NIST) for certification, is shipped in a separate openssl-fips-provider package. This package helps ensure that future versions of OpenSSL use certified code or code undergoing certification; updated OpenSSL allows provider-specific configurations to be defined in separate ".conf" files in the "/etc/pki/tls/openssl.d" directory.

Oracle Linux 9 includes an enhanced release of OpenSSH that artificially delays responses after login failure to help prevent user enumeration attacks. An upper limit on artificial delays is applied when remote authentication takes too long, for example in privilege access management (PAM) processing.

A grafana-selinux package, which contains an SELinux policy for grafana-server, and which is installed by default with grafana-server is added to the release. This update helps ensure that the grafana-server runs as grafana_t SELinux type, rather than as an unconfined_service_t SELinux type.

Oracle Linux 9 Update 4 also introduces updated SCAP Security Guide 0.1.72 with profiles that are aligned to the latest DISA STIG policies.

Upgrading to the latest Oracle Linux releases

You can upgrade an Oracle Linux 7 system to Oracle Linux 8 as well as upgrade an Oracle Linux 8 system to the latest Oracle Linux 9 release by using the leapp utility. For step-by-step instructions and information about any known issues to be aware of when upgrading your system, review the following documentation for Oracle Linux 8 and Oracle Linux 9.

Leapp can now be used to upgrade systems running Oracle Database 19c from Oracle Linux 7 to Oracle Linux 8.

Download and try it now!

Resources

oracle.com/linux

Hardware Certification

Servers already certified for an earlier release of Oracle Linux 9 with UEK R7 do not need to be re-certified for this update; servers certified for Oracle Linux with UEK are published on the Hardware Certification List (HCL) for Oracle Linux and Virtualization.

An Independent Hardware Vendor participating in the Hardware Certification Program must be an established hardware partner having a collaborative support agreement with Oracle. If you would like to become an OPN member, please contact us at hcl-info_ww@oracle.com.

Training

www.oracle.com/goto/oltrain

GitHub

Social Media

 

 

Simon Coter

Director, Oracle Linux and Virtualization Product Management

A 20-years Oracle veteran, Simon Coter is an experienced product manager and open source community member. He leads a team responsible for several Oracle Linux and Virtualization offerings, including Oracle Linux, the Unbreakable Enterprise Kernel for Oracle Linux, Oracle Cloud Native Environment, Oracle Linux KVM, Oracle Linux Virtualization Manager, Oracle Linux Automation Manager, Gluster, Oracle VM, and VirtualBox. Prior to this, Simon was a technical consultant focused on project management, architectures definition, sizing and implementation, best practices, and technical references for customers.


Previous Post

OS Management Hub simplifies management of enterprise systems across distributed environments

Julie Wong | 8 min read

Next Post


Understanding Unix Garbage Collection and its Interaction with io_uring

Shoily Rahman | 22 min read