Commit d53289e
committed
fix: bump netty from 4.1.127 to 4.1.135 to remediate CVE-2026-44249 and CVE-2026-45416
Bumps netty.version to 4.1.135.Final to fix:
- CVE-2026-44249 (CVSS 8.1): IPv6 subnet ACL bypass
- CVE-2026-45416 (CVSS 7.5): TLS ClientHello memory exhaustion DoS
This also covers CVE-2026-42583 (CVSS 7.5, fixed in 4.1.131.Final).1 parent 95962cb commit d53289e
1 file changed
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
56 | 56 | | |
57 | 57 | | |
58 | 58 | | |
59 | | - | |
| 59 | + | |
60 | 60 | | |
61 | 61 | | |
62 | 62 | | |
| |||
0 commit comments