Security update for netty, netty-tcnative
Description

This update for netty, netty-tcnative fixes the following issues:

Upgrade to upstream version 4.1.126.

Security issues fixed:

- CVE-2025-58057: decompression codecs allocating a large number of buffers after processing specially crafted input can cause a denial of service (bsc#1249134).
- CVE-2025-58056: incorrect parsing of chunk extensions can lead to request smuggling (bsc#1249116).
- CVE-2025-55163: "MadeYouReset" denial of service attack in the HTTP/2 protocol (bsc#1247991).

Other issues fixed:

Fixes from version 4.1.126

- Fix IllegalReferenceCountException on invalid upgrade response.
- Drop unknown frame on missing stream.
- Don't try to handle incomplete upgrade request.
- Update to netty-tcnative 2.0.73Final.

Fixes from version 4.1.124

- Fix NPE and AssertionErrors when many tasks are scheduled and cancelled.
- HTTP2: Http2ConnectionHandler should always use Http2ConnectionEncoder.
- Epoll: Correctly handle UDP packets with source port of 0.
- Fix netty-common OSGi Import-Package header.
- MqttConnectPayload.toString() includes password.

Fixes from version 4.1.123

- Fix chunk reuse bug in adaptive allocator.
- More accurate adaptive memory usage accounting.
- Introduce size-classes for the adaptive allocator.
- Reduce magazine proliferation eagerness.
- Fix concurrent ByteBuffer access issue in AdaptiveByteBuf.getBytes.
- Fix possible buffer corruption caused by incorrect setCharSequence(…) implementation.
- AdaptiveByteBuf: Fix AdaptiveByteBuf.maxFastWritableBytes() to take…
