Red Hat Enterprise Linux (RHEL) 9.3 is now generally available (GA). This release provides a flexible, reliable, secure, and stable foundation to innovate applications and develop critical workloads faster and more efficiently with a consistent experience across physical, virtual, private, public cloud, and edge deployments. You can download RHEL 9.3 at no cost as part of the Red Hat Developer program subscription.
In this article, you'll learn about enhancements in RHEL 9.3 that improve the developer experience.
Latest language runtimes and tools
Red Hat Enterprise Linux 9.3 has been updated with many developers' favorite programming languages. Notable changes include:
- Apache HTTP Server 2.4.57 is the latest web server version included in Red Hat Enterprise Linux 9.3. Key enhancements in HTTPd version 2.4.57 include:
- A new
-Toption to truncate all rotated logfiles except the initial logfile.
LDAPConnectionPoolTTLnow accepts negative values to reuse connections of any age. Previously, a negative value was handled as an error.
mod_authnz_fcgimodule is included in the latest version. This enables FastCGI authorizer applications to authenticate users and authorize access to resources.
- A new
- Redis 7 is an advanced key-value store available as part of Red Hat Enterprise Linux 9.3. Prominent features include:
- Support for server-side scripting in Redis Functions API.
- Shared publish/subscribe support for clusters.
- New version formation for Redis Database (RDB) files.
- Fine-grained access control list (ACL) support.
The latest versions of toolsets and compilers
Red Hat Enterprise Linux 9.3 offers an updated version of GCC 13, Rust 1.71, and LLVM 16, enabling developers to accelerate innovation, streamline operations, and modernize their applications with the latest toolsets and compilers.
Red Hat Enterprise Linux 9.3 comes with a GCC compiler 13.1.1. This version provides many bug fixes and enhancements available in upstream GCC. Key updates in GCC toolset 13 include the following:
- A new
– no-warnings) command-line option suppresses the generation of any warning message when you create a known non-working binary.
- SystemTap is rebased to version 4.9. This update provides access to Python/Jupyter interactive notebook front-end for AI/ML application development.
libpfmpackage has been updated to version 4.13. Notable improvements include access to the performance monitoring hardware native events for processor microarchitectures such as AMD Zen 2, AMD Zen 3, AMD Zen 4, IBM z16, and 4th Gen Intel Xeon Scalable processors.
Find out more about GCC on RHEL.
The Rust toolset has been updated to version 1.71 in RHEL 9.3. Notable changes include the following:
- Cargo has been fixed to remedy a security vulnerability that allowed local attackers to edit the cache of the source code belonging to another local user.
- A new Cargo sparse protocol enables more efficient use of the crates.io registry. This reduces the network activity required to resolve dependencies from the package registry. This is much faster than the Git-based protocol.
- New OnceLock and OnceCell APIs for one-time value initialization. These wrapper types manage the initialization of their inner value so that they are written only once, even among multiple attempts from a shared reference.
Find out more about Rust on RHEL.
Red Hat Enterprise Linux 9.3 comes with the LLVM 16 toolset, with the following changes and enhancements:
- LLVM 16 is built with C++ 17 by default. This makes coding more secure.
- Support for new CPU extensions is added in LLVM 16. Some notable CPU extensions include Cortex-A715 CPU, Cortex-X3 CPU, and Neoverse V2 CPU.
- Optimized instruction sets. Old attributes are mapped to the new attributes. The existing readnone, readonly, writeonly, argmemonly, inaccessiblememonly, and inaccessiblemem_or_argmemonly function attributes have been replaced by a single memory(...) attribute.
For more details, refer to the LLVM 16 release notes.
The version of Go that will ship with Red Hat Enterprise Linux 9.3 is Go toolset 1.20, which includes the following changes:
- Addition of a new
- CGO is now disabled by default on systems without a C toolchain.
- Optimizations of the garbage collector to improve memory and CPU usage.
- Comparable types may satisfy comparable constraints without requiring types to be strictly comparable.
- .Preview support for profile-guided optimization.
- Added support for collecting code coverage profiles for programs.
For more details, refer to Go on RHEL.
Security and compliance
The RHEL 9.3 GA makes it easier to manage the security of your RHEL systems. Notable updates in 9.3 are listed below:
- OpenSSH enforces the SHA-2 algorithm by default. For SSH private conversations, OpenSSH uses SHA-2 for key testing, and SHA-1 is unavailable on the client side. Therefore, SHA-2 is used. This makes sure the weaknesses of the SHA-1 algorithm are remedied by SHA-2 enforcement.
- Users can configure OpenSSL cryptographic libraries to allow TLS 1.2 connections without the EMS (Extended Master Secret) extension for all TLS 1.2 connections in FIPS mode.
- Keylime is updated to version 7.3.0. The Keylime continuously monitors remote systems and verifies the state of systems at boot. Using Keylime, you can send encrypted files to the monitored systems and specify automated actions to be triggered whenever a monitored system fails the integrity test.
Read more about Red Hat Enterprise Linux Security.
Red Hat Enterprise Linux kernel
Red Hat Enterprise Linux 9.3 is distributed with kernel version 5.14.0-362.8.1. Notable features in the RHEL 9.3 kernel include:
perfperformance analysis tool is rebased to version 6.2. The
perf listcommand now displays Performance Monitor Unit (PMU) events that contain human-friendly names and descriptions. This update also supports Intel Raptor Lake-S, Intel Meteor Lake, and Intel Emerald Rapids.
crashutility is updated to version 8.0.3. The most notable enhancement in the crash utility is the added IPv6 support. For network interfaces that support IPv6, the crash utility prints IPv6 addresses and details about socket information with
kdumpmechanism now supports thin provisioned logical volumes as the
vmcoretarget. With this enhancement, the
kdumpmechanism extends the capability to save the
vmcoredump files on thin provisioned storage volumes.
Red Hat Enterprise Linux for containers
Red Hat Enterprise Linux 9.3 introduces significant updates in container management and security. Notable changes include:
- Podman enhancements: Podman now supports zstd compressed images for efficient storage and transfer. With Podman 4.6, developers can enjoy simplified systemd integration using Quadlet, extended Kubernetes compatibility with improved
podman kube playcommand options, and a new
podman secretcommand for managing secrets. For more information about changes, see the upstream release notes.
- Podmansh login shell: A revolutionary approach to managing user access, the podmansh login shell confines user sessions to a container, offering enhanced control and security.
- Clients for sigstore signatures: Full support for sigstore signatures with Fulcio and Rekor is now available, easing signature creation with short-term certificates authenticated via OpenID Connect (OIDC), thereby simplifying the management of private keys.
Red Hat Enterprise Linux in cloud environments and for the edge
Red Hat Enterprise Linux 9.3 has new features to help you develop and deploy applications on RHEL in cloud environments and edge deployments. Notable changes include:
cloud-initsupports NetworkManager (NM) keyfiles to configure the network of the created cloud instance.
cloud-initnow uses VMware data source by default on ESXi. This enhancement improves the performance and stability of the ESXi instance of RHEL that is running on the VMware vSphere cloud platform.
- Red Hat Enterprise Linux 9.3 supports building RHEL for Edge
.amiimages by using an on-prem RHEL image builder. The created
.amiimages can be uploaded to AWS and boot an EC2 instance in AWS.
- Red Hat Enterprise Linux 9.3 supports building a
.vmdkimage for RHEL for Edge by using an on-premise RHEL image builder. These images can be uploaded to vSphere and boot the image in VMware vSphere.
Create your Red Hat Enterprise Linux cloud images.
Red Hat Enterprise Linux system roles
Red Hat Enterprise Linux 9.3 brings new features for system roles as described below:
rhel-system-rolepackage now contains the
systemdRHEL system role. This role is suitable in deploying unit files and managing systemd units on multiple systems. Even systemd functionality can be automated.
- A new option to set
falsedisables automated backup of old configuration files before being overwritten with a new configuration.
- With the new
keylime_serverRHEL system role, users can use Ansible playbooks to configure verifier and registrar Keylime components on RHEL 9 systems.
- Support for new
ha_clustersystem roles enables:
- Configuration of resource and resource operation defaults.
- Loading and blocking of SBD watchdog kernel modules. This makes installed hardware watchdogs available to the cluster.
- Assignment of distinct passwords to the cluster hosts and quorum device.
- Enhancement to
networkRHEL system role to support
audo-dnsoption to control automatic DNS record updates and support the
postgresqlsystem role installs, configures, manages, and starts the PostgreSQL server. This role also optimizes the database server settings to improve performance.
Read more about Red Hat Enterprise Linux system roles.
- Learn administration and configuration tasks using RHEL system roles.
- Read the Red Hat Enterprise Linux 9.3 release notes.
- Download RHEL 9.3 at no cost.
- Read the press release announcing RHEL 9.3.