This post is also available in: Italian

Reading Time: 3 minutes

April 2018 was the date of the Red Hat Enterprise Linux 7.5 release and now it’s the turn of the new Red Hat Enterprise Linux 7.6 release. Just after some hours of the big announce that IBM is acquiring Red Hat!

Red Hat Enterprise Linux (RHEL) minor releases are an aggregation of individual security, enhancement, and bug fix errata. The Red Hat Enterprise Linux 7.6 Release Notes document describes the major changes made to the Red Hat Enterprise Linux 7 operating system and its accompanying applications for this minor release, as well as known problems and a complete list of all currently available Technology Previews.

Anyway there are some important news in the security area:

  • Driven by Trusted Platform Module (TPM) 2.0 hardware modules, the Policy-Based Decryption (PBD) capability has been extended to provide two layers of security for hybrid-cloud operations: the network-based mechanism is applicable in the cloud, while the use of TPM on-premises helps to keep information on disks physically more secure.
  • The GnuTLS library now provides improved Hardware Security Module (HSM) support.
  • OpenSSL now works with new CP Assist for Cryptographic Functions (CPACF) instructions to accelerate Galois/Counter Mode (GCM) of operation as available with IBM z14.
  • Red Hat Certificate System distributed with Red Hat Enterprise Linux 7.6 provides new default cryptographic algorithms for RSA and ECC, which help maintain FIPS compliance and stay current with cryptography requirements from NIST and other standards bodies, as well as organizations responsible for handling sensitive information.
  • For better integration with counter-intrusion measures, firewall operations through Red Hat Enterprise Linux have been improved with enhancements to nftables. The nft command-line tool can now also provide improved control packet filtering, providing better overall visibility and simplified configuration for systems security.
  • This release of OpenSC supports support new smart cards, for example, models with CardOS 5.3.

But also in the management and automation area there are some important news:

  • The tools for managing Red Hat Enterprise Linux 7 continue to be refined, with the latest version introducing enhancements to the Red Hat Enterprise Linux Web Console including:

    • Showing available updates on the system summary page
    • Automatic configuration of single sign-on for identity management, helping to simplify this task for security administrators
    • An interface to control firewall services
  • The following Red Hat Enterprise Linux System Roles are now fully supported: selinuxkdumpnetwork, and timesync.
  • The integration of the Extended Berkeley Packet Filter (eBPF) provides a safer, more efficient mechanism for monitoring activity within the kernel and will help to enable additional performance monitoring and network tracing tools in the future. The eBPFtool is available as a Technology Preview.

Capabilities and limits of Red Hat Enterprise Linux 7 as compared to other versions of the system are available in the Red Hat Knowledgebase article available at

Red Hat Enterprise Linux 7.6 is available on the following architectures:
  • 64-bit AMD
  • 64-bit Intel
  • IBM POWER7+ (big endian)
  • IBM POWER8 (big endian)
  • IBM POWER8 (little endian)
  • IBM POWER9 (little endian)
  • IBM Z
  • 64-bit ARM