Upgrade to netty 4.1.126.Final

Fixes a couple of high-prio CVEs CVE-2025-58057 and CVE-2025-58056
in netty-codec-http, which we use for the metrics endpoint.

Signed-off-by: Robert Young <robertyoungnz@gmail.com>

Author: robobario

pom.xml

@@ -50,7 +50,7 @@
         <log4j.version>2.25.1</log4j.version>
         <caffeine.version>3.2.2</caffeine.version>
         <picocli.version>4.7.7</picocli.version>
-        <netty.version>4.1.123.Final</netty.version>
+        <netty.version>4.1.126.Final</netty.version>
         <netty.io_uring.version>0.0.26.Final</netty.io_uring.version>
         <netty.epoll.classifier>linux-x86_64</netty.epoll.classifier>
         <netty.io_uring.classifier>linux-x86_64</netty.io_uring.classifier>