Commit 9463913
authored
Bump Netty to 4.1.133.Final and update trivyignore (#1374)
*Issue #, if available:* #1372
*Description of changes:*
Bump netty to 4.1.133.Final to fix CVE-2026-41417. This CVE is low-risk
for end-users as no attacker-controlled input reaches `setUri()`.
Updated trivyignore to keep workflows unblocked until the next ADOT Java
release (in ~2 weeks).
By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.1 parent c89a398 commit 9463913
4 files changed
Lines changed: 10 additions & 16 deletions
File tree
- .github/trivy
- dependencyManagement
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
11 | 11 | | |
12 | 12 | | |
13 | 13 | | |
14 | | - | |
15 | | - | |
16 | | - | |
17 | | - | |
18 | | - | |
19 | | - | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
9 | 9 | | |
10 | 10 | | |
11 | 11 | | |
12 | | - | |
13 | | - | |
14 | | - | |
15 | | - | |
16 | | - | |
17 | | - | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
13 | 13 | | |
14 | 14 | | |
15 | 15 | | |
| 16 | + | |
| 17 | + | |
16 | 18 | | |
17 | 19 | | |
18 | 20 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
40 | 40 | | |
41 | 41 | | |
42 | 42 | | |
43 | | - | |
44 | | - | |
45 | | - | |
46 | | - | |
| 43 | + | |
| 44 | + | |
47 | 45 | | |
48 | 46 | | |
49 | 47 | | |
| |||
0 commit comments