Skip to content

Update Netty to 4.1.124 #6344

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Update Netty to 4.1.124 #6344

wants to merge 2 commits into from

Conversation

mrdziuban
Copy link

Motivation and Context

This resolves CVE-2025-55163 (GHSA-prj3-ccx8-p6x4)

Modifications

Upgrades Netty to 4.1.124.Final

Testing

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)

Checklist

  • I have read the CONTRIBUTING document
  • Local run of mvn install succeeds
  • My code follows the code style of this project
  • My change requires a change to the Javadoc documentation
  • I have updated the Javadoc documentation accordingly
  • I have added tests to cover my changes
  • All new and existing tests passed
  • I have added a changelog entry. Adding a new entry must be accomplished by running the scripts/new-change script and following the instructions. Commit the new file created by the script in .changes/next-release with your changes.
  • My change is to implement 1.11 parity feature and I have updated LaunchChangelog

License

  • I confirm that this pull request can be released under the Apache 2 license

@mrdziuban mrdziuban requested a review from a team as a code owner August 13, 2025 21:37
@liustve liustve mentioned this pull request Aug 14, 2025
Merged
liustve added a commit to aws-observability/aws-otel-java-instrumentation that referenced this pull request Aug 14, 2025
@liustve @thpierce
Add Netty BOM (#1148)
df7bb31 
*Description of changes:*
Builds are failing image scanning for `CVE-2025-55163` which recently
was added as a vulnerability.
GHSA-prj3-ccx8-p6x4

Should revert this once we upgrade our aws-sdk dependency to version
that has this PR added:
aws/aws-sdk-java-v2#6344

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

---------

Co-authored-by: Thomas Pierce <[email protected]>
anahatAWS pushed a commit to anahatAWS/aws-otel-java-instrumentation that referenced this pull request Aug 14, 2025
@liustve @thpierce @anahatAWS
Add Netty BOM (aws-observability#1148)
529bebe 
*Description of changes:*
Builds are failing image scanning for `CVE-2025-55163` which recently
was added as a vulnerability.
GHSA-prj3-ccx8-p6x4

Should revert this once we upgrade our aws-sdk dependency to version
that has this PR added:
aws/aws-sdk-java-v2#6344

By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

---------

Co-authored-by: Thomas Pierce <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@mrdziuban