The following updates have been released for Oracle Linux:

ELSA-2024-1750 Important: Oracle Linux 9 unbound security update
ELSA-2024-1789 Important: Oracle Linux 9 bind security update
ELBA-2024-1739 Oracle Linux 9 sos bugfix and enhancement update
ELBA-2024-1779 Oracle Linux 9 firefox bug fix update
ELBA-2024-1734 Oracle Linux 9 .NET 8.0 bugfix update
ELBA-2024-1736 Oracle Linux 9 .NET 7.0 bugfix update
ELBA-2024-1759 Oracle Linux 7 firefox bug fix update
ELBA-2024-1759 Oracle Linux 7 firefox bug fix update (aarch64)
ELSA-2024-1787 Important: Oracle Linux 7 squid security update (aarch64)
ELSA-2024-1785 Important: Oracle Linux 7 X.Org server security update (aarch64)
ELSA-2024-1787 Important: Oracle Linux 7 squid security update
ELSA-2024-1785 Important: Oracle Linux 7 X.Org server security update

ELSA-2024-1750 Important: Oracle Linux 9 unbound security update

Oracle Linux Security Advisory ELSA-2024-1750

http://linux.oracle.com/errata/ELSA-2024-1750.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-unbound-1.16.2-3.el9_3.5.x86_64.rpm
unbound-1.16.2-3.el9_3.5.x86_64.rpm
unbound-libs-1.16.2-3.el9_3.5.i686.rpm
unbound-libs-1.16.2-3.el9_3.5.x86_64.rpm
unbound-devel-1.16.2-3.el9_3.5.i686.rpm
unbound-devel-1.16.2-3.el9_3.5.x86_64.rpm

aarch64:
python3-unbound-1.16.2-3.el9_3.5.aarch64.rpm
unbound-1.16.2-3.el9_3.5.aarch64.rpm
unbound-libs-1.16.2-3.el9_3.5.aarch64.rpm
unbound-devel-1.16.2-3.el9_3.5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//unbound-1.16.2-3.el9_3.5.src.rpm

Related CVEs:

CVE-2024-1488

Description of changes:

[1.16.2-3.5]
- Rebuilt again with z-stream target

[1.16.2-3.4]
- Correct typo in new config file

[1.16.2-3.3]
- Ensure group access correction reaches also updated configs (CVE-2024-1488)

[1.16.2-3.2]
- Ensure only unbound group can change configuration (CVE-2024-1488)

ELSA-2024-1789 Important: Oracle Linux 9 bind security update

Oracle Linux Security Advisory ELSA-2024-1789

http://linux.oracle.com/errata/ELSA-2024-1789.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind-9.16.23-14.el9_3.4.x86_64.rpm
bind-chroot-9.16.23-14.el9_3.4.x86_64.rpm
bind-dnssec-doc-9.16.23-14.el9_3.4.noarch.rpm
bind-dnssec-utils-9.16.23-14.el9_3.4.x86_64.rpm
bind-dyndb-ldap-11.9-8.el9_3.3.x86_64.rpm
bind-libs-9.16.23-14.el9_3.4.x86_64.rpm
bind-license-9.16.23-14.el9_3.4.noarch.rpm
bind-utils-9.16.23-14.el9_3.4.x86_64.rpm
python3-bind-9.16.23-14.el9_3.4.noarch.rpm
bind-devel-9.16.23-14.el9_3.4.i686.rpm
bind-devel-9.16.23-14.el9_3.4.x86_64.rpm
bind-doc-9.16.23-14.el9_3.4.noarch.rpm
bind-libs-9.16.23-14.el9_3.4.i686.rpm

aarch64:
bind-9.16.23-14.el9_3.4.aarch64.rpm
bind-chroot-9.16.23-14.el9_3.4.aarch64.rpm
bind-dnssec-doc-9.16.23-14.el9_3.4.noarch.rpm
bind-dnssec-utils-9.16.23-14.el9_3.4.aarch64.rpm
bind-dyndb-ldap-11.9-8.el9_3.3.aarch64.rpm
bind-libs-9.16.23-14.el9_3.4.aarch64.rpm
bind-license-9.16.23-14.el9_3.4.noarch.rpm
bind-utils-9.16.23-14.el9_3.4.aarch64.rpm
python3-bind-9.16.23-14.el9_3.4.noarch.rpm
bind-devel-9.16.23-14.el9_3.4.aarch64.rpm
bind-doc-9.16.23-14.el9_3.4.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//bind-9.16.23-14.el9_3.4.src.rpm
http://oss.oracle.com/ol9/SRPMS-updates//bind-dyndb-ldap-11.9-8.el9_3.3.src.rpm

Related CVEs:

CVE-2023-4408
CVE-2023-5517
CVE-2023-5679
CVE-2023-6516
CVE-2023-50387
CVE-2023-50868

Description of changes:

bind
[32:9.16.23-14.4]
- Rebuild with correct z-stream tag again

[32:9.16.23-14.3]
- Rebuild together with bind-dyndb-ldap to adjust ABI changes

[32:9.16.23-14.2]
- Import tests for large DNS messages fix
- Add downstream change complementing CVE-2023-50387

[32:9.16.23-14.1]
- Prevent increased CPU load on large DNS messages (CVE-2023-4408)
- Prevent assertion failure when nxdomain-redirect is used with
RFC 1918 reverse zones (CVE-2023-5517)
- Prevent assertion failure if DNS64 and serve-stale is used (CVE-2023-5679)
- Specific recursive query patterns may lead to an out-of-memory
condition (CVE-2023-6516)
- Prevent increased CPU consumption in DNSSEC validator (CVE-2023-50387
CVE-2023-50868)

bind-dyndb-ldap
[11.9-8.3]
- Rebuild with correct z-stream tag again

[11.9-8.2]
- Rebuild required for BIND changes for KeyTrap change (CVE-2023-50387)

ELBA-2024-1739 Oracle Linux 9 sos bugfix and enhancement update

Oracle Linux Bug Fix Advisory ELBA-2024-1739

http://linux.oracle.com/errata/ELBA-2024-1739.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sos-4.7.0-1.0.1.el9.noarch.rpm
sos-audit-4.7.0-1.0.1.el9.noarch.rpm

aarch64:
sos-4.7.0-1.0.1.el9.noarch.rpm
sos-audit-4.7.0-1.0.1.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//sos-4.7.0-1.0.1.el9.src.rpm

Description of changes:

[4.7.0-1.0.1]
- Collect all rsyslogs files for all-logs option [Orabug: 36402382]
- Set SIGPIPE to default action for Broken Pipe Error [Orabug: 35969973]
- Modifying dnf history info transaction index [Orabug: 35497720]
- Adding virsh guest cgroup configuration [Orabug: 35145501]
- Adding virsh qemu-monitor info tree command [Orabug: 35148435]
- Adding Plugin option support for ksplice and btrfs [Orabug: 35115193]
- append .txt to .com domain named files [Orabug: 34527958]
- Adding dmesg -T to show timestamp for syslog comparison [Orabug: 34250313]
- Adding uptrack-uname to show effective ksplice kernel version [Orabug: 33553351]
- Added sos-oraclelinux-vendor-vendorurl.patch
- Fix patch for Orabug 31969352 [Orabug: 32822570]
- [ovn_central] call podman exec without a timeout
Resolves: bz1767359
- Adjusted ksplice plugin patches for path change [Orabug: 32881277]
- Fix os detect string for Oracle Linux [Orabug: 28674897]
- Add ksplice plugin [Orabug: 30273666] (Philippe Vanhaesendonck)
- Disable upload options for OracleLinux [Orabug: 31969352]
- Replace RH_FTP_HOST and RH_API_HOST with "_none_" [Orabug: 31975601]
- Allow a journal log size to be smaller than 100M [Orabug: 32454362]
- Do not exit on unknown plugin [Orabug: 32556170]
- Add in some btrfs commands [Orabug: 32727607]
- Add /var/run/ksplice/debug to sos ksplice plugin [Orabug: 32618933]
- Fix ksplice plugin does not show description [Orabug: 32886513]

[4.7.0-1]
- rebase to upstream 4.7.0
Resolves: RHEL-26115

ELBA-2024-1779 Oracle Linux 9 firefox bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-1779

http://linux.oracle.com/errata/ELBA-2024-1779.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.9.1-2.0.1.el9_3.x86_64.rpm
firefox-x11-115.9.1-2.0.1.el9_3.x86_64.rpm

aarch64:
firefox-115.9.1-2.0.1.el9_3.aarch64.rpm
firefox-x11-115.9.1-2.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//firefox-115.9.1-2.0.1.el9_3.src.rpm

Description of changes:

[115.9.1-2.0.1]
- Add firefox-oracle-default-prefs.js and remove the corresponding OpenELA file

[115.9.1]
- Add debranding patches (Mustafa Gezen)
- Add OpenELA default preferences (Louis Abel)

[115.9.1-2]
- Removed expat CVE fix

ELBA-2024-1734 Oracle Linux 9 .NET 8.0 bugfix update

Oracle Linux Bug Fix Advisory ELBA-2024-1734

http://linux.oracle.com/errata/ELBA-2024-1734.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
aspnetcore-runtime-dbg-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
aspnetcore-targeting-pack-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-apphost-pack-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-host-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-hostfxr-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-runtime-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-runtime-dbg-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-8.0-8.0.104-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-dbg-8.0-8.0.104-1.0.1.el9_3.x86_64.rpm
dotnet-targeting-pack-8.0-8.0.4-1.0.1.el9_3.x86_64.rpm
dotnet-templates-8.0-8.0.104-1.0.1.el9_3.x86_64.rpm
netstandard-targeting-pack-2.1-8.0.104-1.0.1.el9_3.x86_64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.104-1.0.1.el9_3.x86_64.rpm

aarch64:
aspnetcore-runtime-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
aspnetcore-runtime-dbg-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
aspnetcore-targeting-pack-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-apphost-pack-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-host-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-hostfxr-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-runtime-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-runtime-dbg-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-8.0-8.0.104-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-dbg-8.0-8.0.104-1.0.1.el9_3.aarch64.rpm
dotnet-targeting-pack-8.0-8.0.4-1.0.1.el9_3.aarch64.rpm
dotnet-templates-8.0-8.0.104-1.0.1.el9_3.aarch64.rpm
netstandard-targeting-pack-2.1-8.0.104-1.0.1.el9_3.aarch64.rpm
dotnet-sdk-8.0-source-built-artifacts-8.0.104-1.0.1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet8.0-8.0.104-1.0.1.el9_3.src.rpm

Description of changes:

[8.0.104-1.0.1]
- Add support for Oracle Linux

[8.0.104-1]
- Update to .NET SDK 8.0.104 and Runtime 8.0.4
- Resolves: RHEL-31207

ELBA-2024-1736 Oracle Linux 9 .NET 7.0 bugfix update

Oracle Linux Bug Fix Advisory ELBA-2024-1736

http://linux.oracle.com/errata/ELBA-2024-1736.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
aspnetcore-runtime-7.0-7.0.18-1.el9_3.x86_64.rpm
aspnetcore-targeting-pack-7.0-7.0.18-1.el9_3.x86_64.rpm
dotnet-apphost-pack-7.0-7.0.18-1.el9_3.x86_64.rpm
dotnet-hostfxr-7.0-7.0.18-1.el9_3.x86_64.rpm
dotnet-runtime-7.0-7.0.18-1.el9_3.x86_64.rpm
dotnet-sdk-7.0-7.0.118-1.el9_3.x86_64.rpm
dotnet-targeting-pack-7.0-7.0.18-1.el9_3.x86_64.rpm
dotnet-templates-7.0-7.0.118-1.el9_3.x86_64.rpm
dotnet-sdk-7.0-source-built-artifacts-7.0.118-1.el9_3.x86_64.rpm

aarch64:
aspnetcore-runtime-7.0-7.0.18-1.el9_3.aarch64.rpm
aspnetcore-targeting-pack-7.0-7.0.18-1.el9_3.aarch64.rpm
dotnet-apphost-pack-7.0-7.0.18-1.el9_3.aarch64.rpm
dotnet-hostfxr-7.0-7.0.18-1.el9_3.aarch64.rpm
dotnet-runtime-7.0-7.0.18-1.el9_3.aarch64.rpm
dotnet-sdk-7.0-7.0.118-1.el9_3.aarch64.rpm
dotnet-targeting-pack-7.0-7.0.18-1.el9_3.aarch64.rpm
dotnet-templates-7.0-7.0.118-1.el9_3.aarch64.rpm
dotnet-sdk-7.0-source-built-artifacts-7.0.118-1.el9_3.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dotnet7.0-7.0.118-1.el9_3.src.rpm

Description of changes:

[7.0.118-1.0.1]
- Add OracleLinux support

[7.0.118-1]
- Update to .NET SDK 7.0.118 and Runtime 7.0.18
- Resolves: RHEL-31202

ELBA-2024-1759 Oracle Linux 7 firefox bug fix update

Oracle Linux Bug Fix Advisory ELBA-2024-1759

http://linux.oracle.com/errata/ELBA-2024-1759.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
firefox-115.9.1-2.0.1.el7_9.i686.rpm
firefox-115.9.1-2.0.1.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.9.1-2.0.1.el7_9.src.rpm

Description of changes:

[115.9.1-2.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.9.1-2]
- Removed expat CVE fix

ELBA-2024-1759 Oracle Linux 7 firefox bug fix update (aarch64)

Oracle Linux Bug Fix Advisory ELBA-2024-1759

http://linux.oracle.com/errata/ELBA-2024-1759.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
firefox-115.9.1-2.0.1.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//firefox-115.9.1-2.0.1.el7_9.src.rpm

Description of changes:

[115.9.1-2.0.1]
- Remove upstream references [Orabug: 30143292]
- Update distribution for Oracle Linux [Orabug: 30143292]
- Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file

[115.9.1-2]
- Removed expat CVE fix

ELSA-2024-1787 Important: Oracle Linux 7 squid security update (aarch64)

Oracle Linux Security Advisory ELSA-2024-1787

http://linux.oracle.com/errata/ELSA-2024-1787.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
squid-3.5.20-17.0.1.el7_9.10.aarch64.rpm
squid-migration-script-3.5.20-17.0.1.el7_9.10.aarch64.rpm
squid-sysvinit-3.5.20-17.0.1.el7_9.10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//squid-3.5.20-17.0.1.el7_9.10.src.rpm

Related CVEs:

CVE-2023-46724
CVE-2023-46728
CVE-2023-49285
CVE-2023-49286
CVE-2023-50269
CVE-2024-25617

Description of changes:

[7:3.5.20-17.0.1]
- Mutiple CVE fixes for squid [Orabug: 33146289]
- Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing (#778)
- Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing (#788)
- Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range requests (#790)
- Resolves: CVE-2021-33620 squid: Handle more partial responses (#791)

[7:3.5.20-17.10]
- Resolves: RHEL-16779 - squid: NULL pointer dereference in the gopher protocol
code -- Remove support for Gopher protocol (CVE-2023-46728)
- Resolves: RHEL-18176 - squid: Buffer over-read in the HTTP Message processing
feature (CVE-2023-49285)
- Resolves: RHEL-18171 - squid: Incorrect Check of Function Return Value In
Helper Process management (CVE-2023-49286)
- Resolves: RHEL-16758 - squid: Denial of Service in SSL Certificate validation
(CVE-2023-46724)
- Resolves: RHEL-19557 - squid: denial of service in HTTP request parsing
(CVE-2023-50269)
- Resolves: RHEL-26082 - squid: denial of service in HTTP header parser
(CVE-2024-25617)

ELSA-2024-1785 Important: Oracle Linux 7 X.Org server security update (aarch64)

Oracle Linux Security Advisory ELSA-2024-1785

http://linux.oracle.com/errata/ELSA-2024-1785.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
xorg-x11-server-common-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-Xephyr-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-Xorg-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-devel-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-source-1.20.4-29.el7_9.noarch.rpm
xorg-x11-server-Xdmx-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-Xnest-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-Xvfb-1.20.4-29.el7_9.aarch64.rpm
xorg-x11-server-Xwayland-1.20.4-29.el7_9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//xorg-x11-server-1.20.4-29.el7_9.src.rpm

Related CVEs:

CVE-2024-31080
CVE-2024-31081
CVE-2024-31083

Description of changes:

[1.20.4-29]
- Fix regression caused by the fix for CVE-2024-31083

[1.20.4-28]
- CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and
CVE-2024-31083
Resolves: https://issues.redhat.com/browse/RHEL-31003
Resolves: https://issues.redhat.com/browse/RHEL-30989
Resolves: https://issues.redhat.com/browse/RHEL-30973
- Add util-linux as a dependency of Xvfb
- Fix compilation error on i686

ELSA-2024-1787 Important: Oracle Linux 7 squid security update

Oracle Linux Security Advisory ELSA-2024-1787

http://linux.oracle.com/errata/ELSA-2024-1787.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
squid-3.5.20-17.0.1.el7_9.10.x86_64.rpm
squid-migration-script-3.5.20-17.0.1.el7_9.10.x86_64.rpm
squid-sysvinit-3.5.20-17.0.1.el7_9.10.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//squid-3.5.20-17.0.1.el7_9.10.src.rpm

Related CVEs:

CVE-2023-46724
CVE-2023-46728
CVE-2023-49285
CVE-2023-49286
CVE-2023-50269
CVE-2024-25617

Description of changes:

[7:3.5.20-17.0.1]
- Mutiple CVE fixes for squid [Orabug: 33146289]
- Resolves: CVE-2021-28651 squid: Bug 5104: Memory leak in RFC 2169 response parsing (#778)
- Resolves: CVE-2021-28652 squid: Bug 5106: Broken cache manager URL parsing (#788)
- Resolves: CVE-2021-31806,31807,31808 squid: Handle more Range requests (#790)
- Resolves: CVE-2021-33620 squid: Handle more partial responses (#791)

[7:3.5.20-17.10]
- Resolves: RHEL-16779 - squid: NULL pointer dereference in the gopher protocol
code -- Remove support for Gopher protocol (CVE-2023-46728)
- Resolves: RHEL-18176 - squid: Buffer over-read in the HTTP Message processing
feature (CVE-2023-49285)
- Resolves: RHEL-18171 - squid: Incorrect Check of Function Return Value In
Helper Process management (CVE-2023-49286)
- Resolves: RHEL-16758 - squid: Denial of Service in SSL Certificate validation
(CVE-2023-46724)
- Resolves: RHEL-19557 - squid: denial of service in HTTP request parsing
(CVE-2023-50269)
- Resolves: RHEL-26082 - squid: denial of service in HTTP header parser
(CVE-2024-25617)

ELSA-2024-1785 Important: Oracle Linux 7 X.Org server security update

Oracle Linux Security Advisory ELSA-2024-1785

http://linux.oracle.com/errata/ELSA-2024-1785.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
xorg-x11-server-Xdmx-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-Xephyr-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-Xnest-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-Xorg-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-Xvfb-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-Xwayland-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-common-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-devel-1.20.4-29.el7_9.i686.rpm
xorg-x11-server-devel-1.20.4-29.el7_9.x86_64.rpm
xorg-x11-server-source-1.20.4-29.el7_9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//xorg-x11-server-1.20.4-29.el7_9.src.rpm

Related CVEs:

CVE-2024-31080
CVE-2024-31081
CVE-2024-31083

Description of changes:

[1.20.4-29]
- Fix regression caused by the fix for CVE-2024-31083

[1.20.4-28]
- CVE fix for: CVE-2024-31080, CVE-2024-31081, CVE-2024-31082 and
CVE-2024-31083
Resolves: https://issues.redhat.com/browse/RHEL-31003
Resolves: https://issues.redhat.com/browse/RHEL-30989
Resolves: https://issues.redhat.com/browse/RHEL-30973
- Add util-linux as a dependency of Xvfb
- Fix compilation error on i686