[NOID] Update lettuce-core to 6.5.4.RELEASE to mitigate CVE-2024-47535, CVE-2025-24970 and CVE-2025-25193

Author: Lojjs

LICENSES.txt

@@ -164,11 +164,11 @@ Apache-2.0
   mercator_2.12-0.2.1.jar
   metrics-core-3.2.4.jar
   netty-all-4.1.100.Final.jar
-  netty-buffer-4.1.119.Final.jar
-  netty-codec-4.1.119.Final.jar
+  netty-buffer-4.1.126.Final.jar
+  netty-codec-4.1.126.Final.jar
   netty-codec-dns-4.1.100.Final.jar
   netty-codec-haproxy-4.1.100.Final.jar
-  netty-codec-http-4.1.119.Final.jar
+  netty-codec-http-4.1.126.Final.jar
   netty-codec-http2-4.1.100.Final.jar
   netty-codec-memcache-4.1.100.Final.jar
   netty-codec-mqtt-4.1.100.Final.jar
@@ -177,24 +177,24 @@ Apache-2.0
   netty-codec-socks-4.1.100.Final.jar
   netty-codec-stomp-4.1.100.Final.jar
   netty-codec-xml-4.1.100.Final.jar
-  netty-common-4.1.119.Final.jar
-  netty-handler-4.1.119.Final.jar
+  netty-common-4.1.126.Final.jar
+  netty-handler-4.1.126.Final.jar
   netty-handler-proxy-4.1.100.Final.jar
   netty-handler-ssl-ocsp-4.1.100.Final.jar
-  netty-resolver-4.1.119.Final.jar
+  netty-resolver-4.1.126.Final.jar
   netty-resolver-dns-4.1.100.Final.jar
   netty-resolver-dns-classes-macos-4.1.100.Final.jar
   netty-resolver-dns-native-macos-4.1.100.Final-osx-aarch_64.jar
   netty-resolver-dns-native-macos-4.1.100.Final-osx-x86_64.jar
-  netty-transport-4.1.119.Final.jar
-  netty-transport-classes-epoll-4.1.119.Final.jar
+  netty-transport-4.1.126.Final.jar
+  netty-transport-classes-epoll-4.1.126.Final.jar
   netty-transport-classes-kqueue-4.1.100.Final.jar
-  netty-transport-native-epoll-4.1.119.Final-linux-aarch_64.jar
-  netty-transport-native-epoll-4.1.119.Final-linux-x86_64.jar
-  netty-transport-native-epoll-4.1.119.Final.jar
+  netty-transport-native-epoll-4.1.126.Final-linux-aarch_64.jar
+  netty-transport-native-epoll-4.1.126.Final-linux-x86_64.jar
+  netty-transport-native-epoll-4.1.126.Final.jar
   netty-transport-native-kqueue-4.1.100.Final-osx-aarch_64.jar
   netty-transport-native-kqueue-4.1.100.Final-osx-x86_64.jar
-  netty-transport-native-unix-common-4.1.119.Final.jar
+  netty-transport-native-unix-common-4.1.126.Final.jar
   netty-transport-rxtx-4.1.100.Final.jar
   netty-transport-sctp-4.1.100.Final.jar
   netty-transport-udt-4.1.100.Final.jar

NOTICE.txt

@@ -194,11 +194,11 @@ Apache-2.0
   mercator_2.12-0.2.1.jar
   metrics-core-3.2.4.jar
   netty-all-4.1.100.Final.jar
-  netty-buffer-4.1.119.Final.jar
-  netty-codec-4.1.119.Final.jar
+  netty-buffer-4.1.126.Final.jar
+  netty-codec-4.1.126.Final.jar
   netty-codec-dns-4.1.100.Final.jar
   netty-codec-haproxy-4.1.100.Final.jar
-  netty-codec-http-4.1.119.Final.jar
+  netty-codec-http-4.1.126.Final.jar
   netty-codec-http2-4.1.100.Final.jar
   netty-codec-memcache-4.1.100.Final.jar
   netty-codec-mqtt-4.1.100.Final.jar
@@ -207,24 +207,24 @@ Apache-2.0
   netty-codec-socks-4.1.100.Final.jar
   netty-codec-stomp-4.1.100.Final.jar
   netty-codec-xml-4.1.100.Final.jar
-  netty-common-4.1.119.Final.jar
-  netty-handler-4.1.119.Final.jar
+  netty-common-4.1.126.Final.jar
+  netty-handler-4.1.126.Final.jar
   netty-handler-proxy-4.1.100.Final.jar
   netty-handler-ssl-ocsp-4.1.100.Final.jar
-  netty-resolver-4.1.119.Final.jar
+  netty-resolver-4.1.126.Final.jar
   netty-resolver-dns-4.1.100.Final.jar
   netty-resolver-dns-classes-macos-4.1.100.Final.jar
   netty-resolver-dns-native-macos-4.1.100.Final-osx-aarch_64.jar
   netty-resolver-dns-native-macos-4.1.100.Final-osx-x86_64.jar
-  netty-transport-4.1.119.Final.jar
-  netty-transport-classes-epoll-4.1.119.Final.jar
+  netty-transport-4.1.126.Final.jar
+  netty-transport-classes-epoll-4.1.126.Final.jar
   netty-transport-classes-kqueue-4.1.100.Final.jar
-  netty-transport-native-epoll-4.1.119.Final-linux-aarch_64.jar
-  netty-transport-native-epoll-4.1.119.Final-linux-x86_64.jar
-  netty-transport-native-epoll-4.1.119.Final.jar
+  netty-transport-native-epoll-4.1.126.Final-linux-aarch_64.jar
+  netty-transport-native-epoll-4.1.126.Final-linux-x86_64.jar
+  netty-transport-native-epoll-4.1.126.Final.jar
   netty-transport-native-kqueue-4.1.100.Final-osx-aarch_64.jar
   netty-transport-native-kqueue-4.1.100.Final-osx-x86_64.jar
-  netty-transport-native-unix-common-4.1.119.Final.jar
+  netty-transport-native-unix-common-4.1.126.Final.jar
   netty-transport-rxtx-4.1.100.Final.jar
   netty-transport-sctp-4.1.100.Final.jar
   netty-transport-udt-4.1.100.Final.jar

docs/asciidoc/modules/ROOT/pages/database-integration/redis.adoc

@@ -45,7 +45,7 @@ Here is a list of all available Redis procedures:
 == Install Dependencies
 
 The Redis procedures have dependencies on a client library that is not included in the APOC Library.
-You can download it from https://github.com/lettuce-io/lettuce-core/releases/tag/6.2.5.RELEASE[the lettuce-core repository](except for `netty` jars because they are already included within neo4j)
+You can download it from https://github.com/lettuce-io/lettuce-core/releases/tag/6.5.4.RELEASE[the lettuce-core repository](except for `netty` jars because they are already included within neo4j)
 or https://github.com/neo4j-contrib/neo4j-apoc-procedures/releases/download/{apoc-release}/apoc-redis-dependencies-{apoc-release}.jar[apoc repository]
 Once that file is downloaded, it should be placed in the `plugins` directory and the Neo4j Server restarted.
 

extra-dependencies/redis/build.gradle

@@ -19,7 +19,7 @@ jar {
 }
 
 dependencies {
-    implementation group: 'io.lettuce', name: 'lettuce-core', version: '6.2.5.RELEASE', {
+    implementation group: 'io.lettuce', name: 'lettuce-core', version: '6.5.4.RELEASE', {
         exclude group: 'io.netty'
     }
 }

full/build.gradle

@@ -134,8 +134,8 @@ dependencies {
     compileOnly group: 'com.couchbase.client', name: 'java-client', version: '3.3.0', withoutJacksons
     testImplementation group: 'com.couchbase.client', name: 'java-client', version: '3.3.0', withoutJacksons
 
-    compileOnly group: 'io.lettuce', name: 'lettuce-core', version: '6.2.5.RELEASE'
-    testImplementation group: 'io.lettuce', name: 'lettuce-core', version: '6.2.5.RELEASE'
+    compileOnly group: 'io.lettuce', name: 'lettuce-core', version: '6.5.4.RELEASE'
+    testImplementation group: 'io.lettuce', name: 'lettuce-core', version: '6.5.4.RELEASE'
 
     compileOnly group: 'org.neo4j', name: 'neo4j', version: neo4jVersionEffective