RHEL 10.2 Released with Post-Quantum SSH and Kernel Livepatching

Built on the Linux 6.12 LTS kernel, Red Hat Enterprise Linux 10.2 has officially arrived with a broad set of enhancements covering security, kernel diagnostics, databases, development environments, desktop integration, containers, and overall system administration.

One of the most notable improvements in RHEL 10.2 is the broader adoption of post-quantum cryptography. OpenSSH now includes ML-KEM post-quantum key exchange combined with elliptic-curve cryptography in FIPS environments, while libssh introduces hybrid ML-KEM and ECDH key exchange mechanisms.

Red Hat has also upgraded p11-kit to version 0.26.1, adding support for post-quantum cryptography definitions within PKCS #11 headers. Additionally, Podman-sequoia gains support for combined post-quantum signature schemes.

The updated Keylime-agent 0.2.9 introduces an agent-controlled push attestation framework, enhanced hardware-backed cryptography support, flexible TPM RSA integration, and ECC-based TLS certificates. A new package called clevis-pin-trustee simplifies automated encryption and decryption of LUKS volumes through remote attestation using the Trustee Key Broker Service.

Another major addition in RHEL 10.2 is kernel Livepatch support, enabling administrators to apply specific kernel updates without restarting supported systems. The release also improves kernel monitoring and performance analysis with updated perf capabilities, additional Intel core and uncore performance counters, c-state and package-level performance events, better BPF tooling compatibility, and debuginfod integration.

On the software side, the distribution now includes PostgreSQL 18 and MariaDB 11.8, alongside refreshed packages such as PHP 8.4, chrony 4.8, and FRRouting 10.4.1.

Application Streams have also been refreshed with newer versions including Node.js 24 and Apache HTTP Server 2.4.63. Developers additionally gain access to Python 3.14 and Ruby 4.0 environments, complete with database connector support for long-term RHEL 10 deployments.

The development toolchain receives substantial upgrades as well. RHEL 10.2 ships with GCC 14.3, glibc 2.39, Annobin 13.02, and Binutils 2.41. Debugging and performance tools are updated to GDB 16.3, Valgrind 3.26.0, SystemTap 5.4, Dyninst 13.0.0, elfutils 0.194, and libabigail 2.9. New compiler toolsets include GCC Toolset 15 with GCC 15.2 and Binutils 2.44, plus LLVM Toolset 21.1.8, Rust Toolset 1.92.0, and Go Toolset 1.26.2.

The Anaconda installer has also been enhanced with automatic Flatpak application deployment during installation. This works with multiple installation sources, including CDN repositories, offline DVD images, local network servers, and Red Hat Satellite environments. Options such as “Server with GUI” can now include Flatpak applications immediately after setup.

Desktop integration has also shifted toward Flatpak delivery. Firefox and Thunderbird are now installed as Flatpak applications by default, although Red Hat will continue maintaining the RPM versions in the AppStream repository throughout the RHEL 10 lifecycle.

RHEL 10.2 also removes or changes several older features. The FUTURE cryptographic policy now exclusively allows hybrid ML-KEM key exchange methods, dropping support for conventional non-post-quantum algorithms. In addition, the vi command will no longer automatically open Vim when both vim-minimal and vim-enhanced packages are installed.
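A pre-switch check for the FUTURE policy change described above, as an added example that is not from Red Hat or the original article: it reads the `kexalgorithms` line printed by `sshd -T` or `ssh -G <host>` and reports which methods an ML-KEM-only policy would drop. Recognising hybrid ML-KEM methods by the `mlkem` name prefix and all function names are assumptions; the sample configurations are constructed.

```shell
#!/bin/sh
# Added example: find SSH configurations that cannot negotiate with a host
# that only allows hybrid ML-KEM key exchange.
# Assumption: hybrid ML-KEM methods are recognised by the "mlkem" name prefix
# (for example mlkem768x25519-sha256). This matches names only; it does not
# query the system crypto policy.

# Constructed samples in the "kexalgorithms a,b,c" format printed by
# `sshd -T` and `ssh -G <host>`; not captured from real systems.
SAMPLE_CURRENT='port 22
kexalgorithms mlkem768x25519-sha256,sntrup761x25519-sha512,curve25519-sha256,ecdh-sha2-nistp256
ciphers aes256-gcm@openssh.com'
SAMPLE_LEGACY='port 22
kexalgorithms curve25519-sha256,ecdh-sha2-nistp256,diffie-hellman-group14-sha256'

# Print each configured key-exchange algorithm on its own line.
kex_list() {
    printf '%s\n' "$1" |
        awk 'tolower($1) == "kexalgorithms" { print $2 }' |
        tr ',' '\n' | sed '/^$/d'
}

# Algorithms that survive an ML-KEM-only policy.
kex_kept() { kex_list "$1" | grep '^mlkem' || true; }

# Algorithms that an ML-KEM-only policy would no longer offer or accept.
kex_dropped() { kex_list "$1" | grep -v '^mlkem' || true; }

# Return 0 if at least one hybrid ML-KEM method is configured,
# 1 if every method would be dropped (negotiation would fail),
# 2 if no kexalgorithms line was found (fail closed, never report "ok").
kex_audit() {
    [ -n "$(kex_list "$1")" ] || return 2
    [ -n "$(kex_kept "$1")" ] || return 1
    return 0
}

# Print a one-line summary: $1 = label, $2 = configuration text.
report() {
    if kex_audit "$2"; then s="ok"; else s="cannot negotiate"; fi
    printf '%s: %s; dropped: %s\n' "$1" "$s" "$(kex_dropped "$2" | paste -sd, -)"
}

report current "$SAMPLE_CURRENT"
report legacy "$SAMPLE_LEGACY"
```

On a live system, pass real output instead of the samples, for example `report server "$(sshd -T)"` as root or `report peer "$(ssh -G peer.example.com)"`.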

For upgrade scenarios, Red Hat currently supports direct migrations from RHEL 9.6 to RHEL 10.0 and from RHEL 9.8 to RHEL 10.2 across x86-64-v3, 64-bit Arm, IBM Power Systems POWER10 and newer, as well as IBM Z z15 and later hardware platforms.

For additional details, see the announcement or visit the release notes.
