From fe7855b1cb6120471977944296aeb76c486496a8 Mon Sep 17 00:00:00 2001
From: ivonaest <ivona.cvija@est.tech>
Date: Thu, 23 Oct 2025 14:43:25 +0100
Subject: [PATCH 1/3] Upgraded grpc version to 1.76.0 and added
 grpc-netty-shaded dependency to remove CVE-2025-55163

Signed-off-by: ivonaest <ivona.cvija@est.tech>
---
 pom.xml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index fed1e4104c0..0f7bed8e82c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -208,7 +208,7 @@
     <findbugs.jsr305.version>3.0.2</findbugs.jsr305.version>
     <flatten.maven.plugin.version>1.7.0</flatten.maven.plugin.version>
     <groovy.version>4.0.26</groovy.version>
-    <grpc.version>1.72.0</grpc.version>
+    <grpc.version>1.76.0</grpc.version>
     <gson.version>2.13.1</gson.version>
     <guava.version>33.4.8-jre</guava.version>
     <guice.version>7.0.0</guice.version>
@@ -466,6 +466,11 @@
         <artifactId>grpc-core</artifactId>
         <version>${grpc.version}</version>
       </dependency>
+      <dependency>
+          <groupId>io.grpc</groupId>
+          <artifactId>grpc-netty-shaded</artifactId>
+          <version>${grpc.version}</version>
+      </dependency>
       <dependency>
         <groupId>io.smallrye.common</groupId>
         <artifactId>smallrye-common-cpu</artifactId>

From b7badb9f4500b32ada8d2fe270a0b04229a5cee4 Mon Sep 17 00:00:00 2001
From: ivonaest <ivona.cvija@est.tech>
Date: Thu, 23 Oct 2025 16:31:20 +0100
Subject: [PATCH 2/3] Upgraded netty version to 4.2.5.Final to remove
 CVE-2025-58057

Signed-off-by: ivonaest <ivona.cvija@est.tech>
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 0f7bed8e82c..2ec0633a94b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -298,7 +298,7 @@
     <modify-sources-plugin.version>1.0.13</modify-sources-plugin.version>
     <mongo.docker.version>5.0.26</mongo.docker.version>
     <mongodb.version>5.6.1</mongodb.version>
-    <netty.version>4.2.0.Final</netty.version>
+    <netty.version>4.2.5.Final</netty.version>
     <njord.version>0.8.2</njord.version>
     <openpojo.version>0.9.1</openpojo.version>
     <org.osgi.annotation.version>8.1.0</org.osgi.annotation.version>

From 00ae9ddcc3c8b5b16e740182e6b02d3ea8d60a9e Mon Sep 17 00:00:00 2001
From: ivonaest <ivona.cvija@est.tech>
Date: Thu, 23 Oct 2025 17:00:45 +0100
Subject: [PATCH 3/3] Upgraded testcontainers-keycloak version to 3.5.1 to
 remove CVE-2024-10039, CVE-2024-7318, CVE-2024-4028

Signed-off-by: ivonaest <ivona.cvija@est.tech>
---
 tests/test-distribution/test-distribution-common/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test-distribution/test-distribution-common/pom.xml b/tests/test-distribution/test-distribution-common/pom.xml
index 35493e8031a..a9d56c7a23b 100644
--- a/tests/test-distribution/test-distribution-common/pom.xml
+++ b/tests/test-distribution/test-distribution-common/pom.xml
@@ -18,7 +18,7 @@
     <junit.jupiter.execution.parallel.config.dynamic.factor>0.4</junit.jupiter.execution.parallel.config.dynamic.factor>
     <junit.jupiter.execution.parallel.config.fixed.parallelism>2</junit.jupiter.execution.parallel.config.fixed.parallelism>
     <!--    <junit.jupiter.execution.parallel.config.strategy>fixed</junit.jupiter.execution.parallel.config.strategy>-->
-    <testcontainers-keycloak.version>3.4.0</testcontainers-keycloak.version>
+    <testcontainers-keycloak.version>3.5.1</testcontainers-keycloak.version>
   </properties>
 
   <dependencies>