Highlights include kernel live patching, a new routing protocol stack called FRR which supports multiple IPv4 and IPv6 routing protocols, an extended version of the Berkeley Packet Filter (eBPF) to help sysadmins troubleshoot complex network issues, support for re-encrypting block devices in LUKS2 while the devices are in use, as well as a new tool for generating SELinux policies for containers called udica.
“With udica, you can create a tailored security policy for better control of how a container accesses host system resources, such as storage, devices, and network. This enables you to harden your container deployments against security violations and it also simplifies achieving and maintaining regulatory compliance,
CentOS Linux 8.1 also comes with additional FIPS-140 and Common Criteria certifications, XDP (eXpress Data Path) eBPF-based high performance data path as a Technology Preview, support for importing QCOW virtual images, and a new command-line tool in Identity Management called Healthcheck that helps users find issues, which could affect the reliability of their IdM environments.
Several packages and core components have received new version in CentOS Linux 8.1 (1911). Among these, we can mention the Tuned 2.12 system tuning tool, which brings support for CPU list negation, chrony 3.5 suite, which can now more accurately synchronize the system clock with hardware time stamping, as well as PHP 7.3, Ruby 2.6, Node.js 12, nginx 1.16, LLVM 8.0.1, Rust Toolset 1.37, and Go Toolset 1.12.8.