Bump io.netty:netty-transport-native-epoll from 4.1.132.Final to 4.1.133.Final

[dependabot]

Bumps io.netty:netty-transport-native-epoll from 4.1.132.Final to 4.1.133.Final.

Release notes

Sourced from io.netty:netty-transport-native-epoll's releases.

netty-4.1.133.Final

CVEs Fixed

• CVE-2026-42586 (netty-codec-redis)
• CVE-2026-42578 (netty-handler-proxy)
• CVE-2026-42587 (netty-codec-http, netty-codec-http2)
• CVE-2026-41417 (netty-codec-http)
• CVE-2026-42581 (netty-codec-http)
• CVE-2026-42580 (netty-codec-http)
• CVE-2026-42585 (netty-codec-http)
• CVE-2026-42579 (netty-codec-dns)
• CVE-2026-42582 (netty-codec-http3)
• CVE-2026-42583 (netty-codec, netty-codec-compression)
• CVE-2026-42584 (netty-codec-http)
• CVE-2026-44248 (netty-codec-mqtt)

What's Changed

• Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @​daguimu in netty/netty#16539
• Auto-port 4.1: Fix implementation of strerror_r_xsi for GNU by @​netty-project-bot in netty/netty#16561
• Auto-port 4.1: Replace usage of strerror with thread-safe alternative by @​netty-project-bot in netty/netty#16555
• Auto-port 4.1: Kqueue: sendfile EINTR doesn't advance offset — data duplication by @​netty-project-bot in netty/netty#16554
• Auto-port 4.1: Avoid leak in PemReader on OutOfDirectMemoryError by @​netty-project-bot in netty/netty#16576
• Auto-port 4.1: Native DNS resolver: Guard against malloc failures by @​netty-project-bot in netty/netty#16584
• Auto-port 4.1: Include user properties and subscription IDs in MqttProperties#isEmpty by @​netty-project-bot in netty/netty#16582
• Auto-port 4.1: Fix parsing HTTP chunks with multiple extensions by @​netty-project-bot in netty/netty#16588
• Auto-port 4.1: Stabilize read-only toStringMultipleThreads1 by @​netty-project-bot in netty/netty#16610
• Auto-port 4.1: Epoll: Cleanup code to always return negative value on failure by @​netty-project-bot in netty/netty#16601
• Auto-port 4.1: Stabilize more AbstractByteBufTests by @​netty-project-bot in netty/netty#16613
• Auto-port 4.1: Stabilize testSessionInvalidate for Conscrypt by @​netty-project-bot in netty/netty#16616
• Auto-port 4.1: Native transports: Correctly create pipe when pipe2 is not supported by @​netty-project-bot in netty/netty#16598
• Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @​daguimu in netty/netty#16558
• Fix shutdownInput bug in kqueue for empty recv buffer (#16630) by @​normanmaurer in netty/netty#16638
• Auto-port 4.1: Kqueue: Fix usage of LOCAL_PEERPID by @​netty-project-bot in netty/netty#16646
• Auto-port 4.1: HTTP2: Ensure HTTP2 preface is always send as first message by @​netty-project-bot in netty/netty#16642
• Auto-port 4.1: Propagate exceptions from inner threads in buffer tests by @​netty-project-bot in netty/netty#16652
• Auto-port 4.1: Add maxFrameLength support to ProtobufVarint32FrameDecoder by @​netty-project-bot in netty/netty#16658
• Auto-port 4.1: Bump up netty-tcnative to 2.0.76.Final by @​netty-project-bot in netty/netty#16672
• HTTP2: Ensure HTTP2 preface is always send as first message (also on … by @​chrisvest in netty/netty#16675
• Improve flaky NioSocketChannelTest (#16679) by @​normanmaurer in netty/netty#16681
• Deprecate ObjectCleaner and remove usage (#16685) by @​chrisvest in netty/netty#16694
• Auto-port 4.1: Update to netty-tcnative 2.0.77.Final by @​netty-project-bot in netty/netty#16695
• Avoid NPE in JdkSslServerContext when TrustManagerFactory returns null by @​daguimu in netty/netty#16691
• Avoid NPE in JdkSslClientContext when TrustManagerFactory returns null by @​daguimu in netty/netty#16690
• Auto-port 4.1: Avoid TCPFastOpen in KQueueCompositeBufferGatheringWriteTest by @​netty-project-bot in netty/netty#16699
• Auto-port 4.1: SCTP: Correctly handle SO_BACKLOG by @​netty-project-bot in netty/netty#16715
• Fix DiscardClient hang under -Dssl by using a client SSL context by @​daguimu in netty/netty#16717
• Auto-port 4.1: Consolidate fake exceptions in HTTP/2 tests into Http2TestUtil by @​netty-project-bot in netty/netty#16725
• Auto-port 4.1: Activate noPrintGC by default by @​netty-project-bot in netty/netty#16735
• Merge commit from fork by @​normanmaurer in netty/netty#16742

New Contributors

... (truncated)

Commits

• fb13125 [maven-release-plugin] prepare release netty-4.1.133.Final
• 815f71a Fix compilation after multiple backports
• 1986c38 Merge commit from fork
• 6f69dc9 Merge commit from fork
• bf78040 Fix BrotliDecoder not forwarding all decompressed chunks
• 387bbd0 Merge commit from fork
• 417ebaa Fix codec-dns tests
• 3c091ab Merge commit from fork
• 5d60b87 Fix checkstyle in HttpObjectDecoder
• 485f11d Merge commit from fork
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)