build(deps-dev): bump netty-version from 4.2.12.Final to 4.2.13.Final by dependabot[bot] · Pull Request #1989 · apache/activemq

dependabot · 2026-05-05T10:37:36Z

Bumps netty-version from 4.2.12.Final to 4.2.13.Final.
Updates io.netty:netty-buffer from 4.2.12.Final to 4.2.13.Final

Release notes

Sourced from io.netty:netty-buffer's releases.

netty-4.2.13.Final

CVEs Fixed

CVE-2026-42586 (netty-codec-redis)

CVE-2026-42578 (netty-handler-proxy)

CVE-2026-42577 (netty-transport-native-epoll)

CVE-2026-42587 (netty-codec-http, netty-codec-http2)

CVE-2026-41417 (netty-codec-http)

CVE-2026-42581 (netty-codec-http)

CVE-2026-42580 (netty-codec-http)

CVE-2026-42585 (netty-codec-http)

CVE-2026-42579 (netty-codec-dns)

CVE-2026-42582 (netty-codec-http3)

CVE-2026-42583 (netty-codec, netty-codec-compression)

CVE-2026-42584 (netty-codec-http)

CVE-2026-XXXXX (netty-codec-mqtt)

What's Changed

Kqueue: sendfile EINTR doesn't advance offset — data duplication by @normanmaurer in netty/netty#16544

Replace usage of strerror with thread-safe alternative by @normanmaurer in netty/netty#16547

Fix implementation of strerror_r_xsi for GNU by @normanmaurer in netty/netty#16546

Lazy init ArrayList in DefaultHeaders.getAll by @doom369 in netty/netty#16526

Less logging in AWS-LC build by @chrisvest in netty/netty#16565

Ensure the CRYPTO_BUFFER_POOL is also freed when we fail creating the SSLContext by @normanmaurer in netty/netty#16545

Auto-port 4.2: Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @netty-project-bot in netty/netty#16543

Avoid leak in PemReader on OutOfDirectMemoryError by @raipc in netty/netty#16551

IoUring: Disable test while we debug to unblock other builds by @normanmaurer in netty/netty#16581

Include user properties and subscription IDs in MqttProperties#isEmpty by @ShadowySpirits in netty/netty#16575

Native DNS resolver: Guard against malloc failures by @normanmaurer in netty/netty#16559

Auto-port 4.2: Increase timeouts for QuicChannelConnectTest by @netty-project-bot in netty/netty#16578

Fix parsing HTTP chunks with multiple extensions by @chrisvest in netty/netty#16579

Bump org.codehaus.plexus:plexus-utils from 3.4.2 to 4.0.3 in /codec-native-quic by @dependabot[bot] in netty/netty#16572

Revert to PR build to Ubuntu 22.04 by @chrisvest in netty/netty#16595

Native transports: Correctly create pipe when pipe2 is not supported by @normanmaurer in netty/netty#16592

Epoll: Cleanup code to always return negative value on failure by @normanmaurer in netty/netty#16591

Fix component search fast path by @yawkat in netty/netty#16548

Stabilize read-only toStringMultipleThreads1 by @chrisvest in netty/netty#16608

Stabilize more AbstractByteBufTests by @chrisvest in netty/netty#16611

Remove note about needing 256-bit for PQC by @chrisvest in netty/netty#16605

Stabilize testSessionInvalidate for Conscrypt by @chrisvest in netty/netty#16615

Quic: Correctly handle SSL_CTX_new failures by @normanmaurer in netty/netty#16622

Make LocalIoHandle public by @rdicroce in netty/netty#16621

Quic: Fix shadowing of variable which leads to incorrectly handling errors by @normanmaurer in netty/netty#16623

Auto-port 4.2: Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @netty-project-bot in netty/netty#16629

Fix shutdownInput bug in kqueue for empty recv buffer by @chrisvest in netty/netty#16630

fix FFM address semantics in directBufferAddress by @dreamlike-ocean in netty/netty#16603

HTTP2: Ensure HTTP2 preface is always send as first message by @normanmaurer in netty/netty#16636

Move Http2FrameCodecSubClassTest to correct package by @normanmaurer in netty/netty#16640

Kqueue: Fix usage of LOCAL_PEERPID by @normanmaurer in netty/netty#16637

Avoid ArrayQueue allocation in HttpServerCodec by @doom369 in netty/netty#16596

Fix file descriptor reuse bug in kqueue by @chrisvest in netty/netty#16650

... (truncated)

Commits

b3844c8 [maven-release-plugin] prepare release netty-4.2.13.Final
82f47fa Merge commit from fork
ada0999 Merge commit from fork
b4051e2 Fix BrotliDecoder not forwarding all decompressed chunks
67207c1 Merge commit from fork
541ca7c Merge commit from fork
943edb3 Fix codec-dns tests
6459a28 Merge commit from fork
b4ba61b Fix checkstyle in HttpObjectDecoder
977661f Merge commit from fork
Additional commits viewable in compare view

Updates io.netty:netty-common from 4.2.12.Final to 4.2.13.Final

Release notes

Sourced from io.netty:netty-common's releases.

netty-4.2.13.Final

CVEs Fixed

CVE-2026-42586 (netty-codec-redis)

CVE-2026-42578 (netty-handler-proxy)

CVE-2026-42577 (netty-transport-native-epoll)

CVE-2026-42587 (netty-codec-http, netty-codec-http2)

CVE-2026-41417 (netty-codec-http)

CVE-2026-42581 (netty-codec-http)

CVE-2026-42580 (netty-codec-http)

CVE-2026-42585 (netty-codec-http)

CVE-2026-42579 (netty-codec-dns)

CVE-2026-42582 (netty-codec-http3)

CVE-2026-42583 (netty-codec, netty-codec-compression)

CVE-2026-42584 (netty-codec-http)

CVE-2026-XXXXX (netty-codec-mqtt)

What's Changed

Kqueue: sendfile EINTR doesn't advance offset — data duplication by @normanmaurer in netty/netty#16544

Replace usage of strerror with thread-safe alternative by @normanmaurer in netty/netty#16547

Fix implementation of strerror_r_xsi for GNU by @normanmaurer in netty/netty#16546

Lazy init ArrayList in DefaultHeaders.getAll by @doom369 in netty/netty#16526

Less logging in AWS-LC build by @chrisvest in netty/netty#16565

Ensure the CRYPTO_BUFFER_POOL is also freed when we fail creating the SSLContext by @normanmaurer in netty/netty#16545

Auto-port 4.2: Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @netty-project-bot in netty/netty#16543

Avoid leak in PemReader on OutOfDirectMemoryError by @raipc in netty/netty#16551

IoUring: Disable test while we debug to unblock other builds by @normanmaurer in netty/netty#16581

Include user properties and subscription IDs in MqttProperties#isEmpty by @ShadowySpirits in netty/netty#16575

Native DNS resolver: Guard against malloc failures by @normanmaurer in netty/netty#16559

Auto-port 4.2: Increase timeouts for QuicChannelConnectTest by @netty-project-bot in netty/netty#16578

Fix parsing HTTP chunks with multiple extensions by @chrisvest in netty/netty#16579

Bump org.codehaus.plexus:plexus-utils from 3.4.2 to 4.0.3 in /codec-native-quic by @dependabot[bot] in netty/netty#16572

Revert to PR build to Ubuntu 22.04 by @chrisvest in netty/netty#16595

Native transports: Correctly create pipe when pipe2 is not supported by @normanmaurer in netty/netty#16592

Epoll: Cleanup code to always return negative value on failure by @normanmaurer in netty/netty#16591

Fix component search fast path by @yawkat in netty/netty#16548

Stabilize read-only toStringMultipleThreads1 by @chrisvest in netty/netty#16608

Stabilize more AbstractByteBufTests by @chrisvest in netty/netty#16611

Remove note about needing 256-bit for PQC by @chrisvest in netty/netty#16605

Stabilize testSessionInvalidate for Conscrypt by @chrisvest in netty/netty#16615

Quic: Correctly handle SSL_CTX_new failures by @normanmaurer in netty/netty#16622

Make LocalIoHandle public by @rdicroce in netty/netty#16621

Quic: Fix shadowing of variable which leads to incorrectly handling errors by @normanmaurer in netty/netty#16623

Auto-port 4.2: Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @netty-project-bot in netty/netty#16629

Fix shutdownInput bug in kqueue for empty recv buffer by @chrisvest in netty/netty#16630

fix FFM address semantics in directBufferAddress by @dreamlike-ocean in netty/netty#16603

HTTP2: Ensure HTTP2 preface is always send as first message by @normanmaurer in netty/netty#16636

Move Http2FrameCodecSubClassTest to correct package by @normanmaurer in netty/netty#16640

Kqueue: Fix usage of LOCAL_PEERPID by @normanmaurer in netty/netty#16637

Avoid ArrayQueue allocation in HttpServerCodec by @doom369 in netty/netty#16596

Fix file descriptor reuse bug in kqueue by @chrisvest in netty/netty#16650

... (truncated)

Commits

b3844c8 [maven-release-plugin] prepare release netty-4.2.13.Final
82f47fa Merge commit from fork
ada0999 Merge commit from fork
b4051e2 Fix BrotliDecoder not forwarding all decompressed chunks
67207c1 Merge commit from fork
541ca7c Merge commit from fork
943edb3 Fix codec-dns tests
6459a28 Merge commit from fork
b4ba61b Fix checkstyle in HttpObjectDecoder
977661f Merge commit from fork
Additional commits viewable in compare view

Updates io.netty:netty-handler from 4.2.12.Final to 4.2.13.Final

Release notes

Sourced from io.netty:netty-handler's releases.

netty-4.2.13.Final

CVEs Fixed

CVE-2026-42586 (netty-codec-redis)

CVE-2026-42578 (netty-handler-proxy)

CVE-2026-42577 (netty-transport-native-epoll)

CVE-2026-42587 (netty-codec-http, netty-codec-http2)

CVE-2026-41417 (netty-codec-http)

CVE-2026-42581 (netty-codec-http)

CVE-2026-42580 (netty-codec-http)

CVE-2026-42585 (netty-codec-http)

CVE-2026-42579 (netty-codec-dns)

CVE-2026-42582 (netty-codec-http3)

CVE-2026-42583 (netty-codec, netty-codec-compression)

CVE-2026-42584 (netty-codec-http)

CVE-2026-XXXXX (netty-codec-mqtt)

What's Changed

Kqueue: sendfile EINTR doesn't advance offset — data duplication by @normanmaurer in netty/netty#16544

Replace usage of strerror with thread-safe alternative by @normanmaurer in netty/netty#16547

Fix implementation of strerror_r_xsi for GNU by @normanmaurer in netty/netty#16546

Lazy init ArrayList in DefaultHeaders.getAll by @doom369 in netty/netty#16526

Less logging in AWS-LC build by @chrisvest in netty/netty#16565

Ensure the CRYPTO_BUFFER_POOL is also freed when we fail creating the SSLContext by @normanmaurer in netty/netty#16545

Auto-port 4.2: Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @netty-project-bot in netty/netty#16543

Avoid leak in PemReader on OutOfDirectMemoryError by @raipc in netty/netty#16551

IoUring: Disable test while we debug to unblock other builds by @normanmaurer in netty/netty#16581

Include user properties and subscription IDs in MqttProperties#isEmpty by @ShadowySpirits in netty/netty#16575

Native DNS resolver: Guard against malloc failures by @normanmaurer in netty/netty#16559

Auto-port 4.2: Increase timeouts for QuicChannelConnectTest by @netty-project-bot in netty/netty#16578

Fix parsing HTTP chunks with multiple extensions by @chrisvest in netty/netty#16579

Bump org.codehaus.plexus:plexus-utils from 3.4.2 to 4.0.3 in /codec-native-quic by @dependabot[bot] in netty/netty#16572

Revert to PR build to Ubuntu 22.04 by @chrisvest in netty/netty#16595

Native transports: Correctly create pipe when pipe2 is not supported by @normanmaurer in netty/netty#16592

Epoll: Cleanup code to always return negative value on failure by @normanmaurer in netty/netty#16591

Fix component search fast path by @yawkat in netty/netty#16548

Stabilize read-only toStringMultipleThreads1 by @chrisvest in netty/netty#16608

Stabilize more AbstractByteBufTests by @chrisvest in netty/netty#16611

Remove note about needing 256-bit for PQC by @chrisvest in netty/netty#16605

Stabilize testSessionInvalidate for Conscrypt by @chrisvest in netty/netty#16615

Quic: Correctly handle SSL_CTX_new failures by @normanmaurer in netty/netty#16622

Make LocalIoHandle public by @rdicroce in netty/netty#16621

Quic: Fix shadowing of variable which leads to incorrectly handling errors by @normanmaurer in netty/netty#16623

Auto-port 4.2: Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @netty-project-bot in netty/netty#16629

Fix shutdownInput bug in kqueue for empty recv buffer by @chrisvest in netty/netty#16630

fix FFM address semantics in directBufferAddress by @dreamlike-ocean in netty/netty#16603

HTTP2: Ensure HTTP2 preface is always send as first message by @normanmaurer in netty/netty#16636

Move Http2FrameCodecSubClassTest to correct package by @normanmaurer in netty/netty#16640

Kqueue: Fix usage of LOCAL_PEERPID by @normanmaurer in netty/netty#16637

Avoid ArrayQueue allocation in HttpServerCodec by @doom369 in netty/netty#16596

Fix file descriptor reuse bug in kqueue by @chrisvest in netty/netty#16650

... (truncated)

Commits

b3844c8 [maven-release-plugin] prepare release netty-4.2.13.Final
82f47fa Merge commit from fork
ada0999 Merge commit from fork
b4051e2 Fix BrotliDecoder not forwarding all decompressed chunks
67207c1 Merge commit from fork
541ca7c Merge commit from fork
943edb3 Fix codec-dns tests
6459a28 Merge commit from fork
b4ba61b Fix checkstyle in HttpObjectDecoder
977661f Merge commit from fork
Additional commits viewable in compare view

Updates io.netty:netty-codec-http from 4.2.12.Final to 4.2.13.Final

Release notes

Sourced from io.netty:netty-codec-http's releases.

netty-4.2.13.Final

CVEs Fixed

CVE-2026-42586 (netty-codec-redis)

CVE-2026-42578 (netty-handler-proxy)

CVE-2026-42577 (netty-transport-native-epoll)

CVE-2026-42587 (netty-codec-http, netty-codec-http2)

CVE-2026-41417 (netty-codec-http)

CVE-2026-42581 (netty-codec-http)

CVE-2026-42580 (netty-codec-http)

CVE-2026-42585 (netty-codec-http)

CVE-2026-42579 (netty-codec-dns)

CVE-2026-42582 (netty-codec-http3)

CVE-2026-42583 (netty-codec, netty-codec-compression)

CVE-2026-42584 (netty-codec-http)

CVE-2026-XXXXX (netty-codec-mqtt)

What's Changed

Kqueue: sendfile EINTR doesn't advance offset — data duplication by @normanmaurer in netty/netty#16544

Replace usage of strerror with thread-safe alternative by @normanmaurer in netty/netty#16547

Fix implementation of strerror_r_xsi for GNU by @normanmaurer in netty/netty#16546

Lazy init ArrayList in DefaultHeaders.getAll by @doom369 in netty/netty#16526

Less logging in AWS-LC build by @chrisvest in netty/netty#16565

Ensure the CRYPTO_BUFFER_POOL is also freed when we fail creating the SSLContext by @normanmaurer in netty/netty#16545

Auto-port 4.2: Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @netty-project-bot in netty/netty#16543

Avoid leak in PemReader on OutOfDirectMemoryError by @raipc in netty/netty#16551

IoUring: Disable test while we debug to unblock other builds by @normanmaurer in netty/netty#16581

Include user properties and subscription IDs in MqttProperties#isEmpty by @ShadowySpirits in netty/netty#16575

Native DNS resolver: Guard against malloc failures by @normanmaurer in netty/netty#16559

Auto-port 4.2: Increase timeouts for QuicChannelConnectTest by @netty-project-bot in netty/netty#16578

Fix parsing HTTP chunks with multiple extensions by @chrisvest in netty/netty#16579

Bump org.codehaus.plexus:plexus-utils from 3.4.2 to 4.0.3 in /codec-native-quic by @dependabot[bot] in netty/netty#16572

Revert to PR build to Ubuntu 22.04 by @chrisvest in netty/netty#16595

Native transports: Correctly create pipe when pipe2 is not supported by @normanmaurer in netty/netty#16592

Epoll: Cleanup code to always return negative value on failure by @normanmaurer in netty/netty#16591

Fix component search fast path by @yawkat in netty/netty#16548

Stabilize read-only toStringMultipleThreads1 by @chrisvest in netty/netty#16608

Stabilize more AbstractByteBufTests by @chrisvest in netty/netty#16611

Remove note about needing 256-bit for PQC by @chrisvest in netty/netty#16605

Stabilize testSessionInvalidate for Conscrypt by @chrisvest in netty/netty#16615

Quic: Correctly handle SSL_CTX_new failures by @normanmaurer in netty/netty#16622

Make LocalIoHandle public by @rdicroce in netty/netty#16621

Quic: Fix shadowing of variable which leads to incorrectly handling errors by @normanmaurer in netty/netty#16623

Auto-port 4.2: Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @netty-project-bot in netty/netty#16629

Fix shutdownInput bug in kqueue for empty recv buffer by @chrisvest in netty/netty#16630

fix FFM address semantics in directBufferAddress by @dreamlike-ocean in netty/netty#16603

HTTP2: Ensure HTTP2 preface is always send as first message by @normanmaurer in netty/netty#16636

Move Http2FrameCodecSubClassTest to correct package by @normanmaurer in netty/netty#16640

Kqueue: Fix usage of LOCAL_PEERPID by @normanmaurer in netty/netty#16637

Avoid ArrayQueue allocation in HttpServerCodec by @doom369 in netty/netty#16596

Fix file descriptor reuse bug in kqueue by @chrisvest in netty/netty#16650

... (truncated)

Commits

b3844c8 [maven-release-plugin] prepare release netty-4.2.13.Final
82f47fa Merge commit from fork
ada0999 Merge commit from fork
b4051e2 Fix BrotliDecoder not forwarding all decompressed chunks
67207c1 Merge commit from fork
541ca7c Merge commit from fork
943edb3 Fix codec-dns tests
6459a28 Merge commit from fork
b4ba61b Fix checkstyle in HttpObjectDecoder
977661f Merge commit from fork
Additional commits viewable in compare view

Updates io.netty:netty-transport from 4.2.12.Final to 4.2.13.Final

Release notes

Sourced from io.netty:netty-transport's releases.

netty-4.2.13.Final

CVEs Fixed

CVE-2026-42586 (netty-codec-redis)

CVE-2026-42578 (netty-handler-proxy)

CVE-2026-42577 (netty-transport-native-epoll)

CVE-2026-42587 (netty-codec-http, netty-codec-http2)

CVE-2026-41417 (netty-codec-http)

CVE-2026-42581 (netty-codec-http)

CVE-2026-42580 (netty-codec-http)

CVE-2026-42585 (netty-codec-http)

CVE-2026-42579 (netty-codec-dns)

CVE-2026-42582 (netty-codec-http3)

CVE-2026-42583 (netty-codec, netty-codec-compression)

CVE-2026-42584 (netty-codec-http)

CVE-2026-XXXXX (netty-codec-mqtt)

What's Changed

Kqueue: sendfile EINTR doesn't advance offset — data duplication by @normanmaurer in netty/netty#16544

Replace usage of strerror with thread-safe alternative by @normanmaurer in netty/netty#16547

Fix implementation of strerror_r_xsi for GNU by @normanmaurer in netty/netty#16546

Lazy init ArrayList in DefaultHeaders.getAll by @doom369 in netty/netty#16526

Less logging in AWS-LC build by @chrisvest in netty/netty#16565

Ensure the CRYPTO_BUFFER_POOL is also freed when we fail creating the SSLContext by @normanmaurer in netty/netty#16545

Auto-port 4.2: Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @netty-project-bot in netty/netty#16543

Avoid leak in PemReader on OutOfDirectMemoryError by @raipc in netty/netty#16551

IoUring: Disable test while we debug to unblock other builds by @normanmaurer in netty/netty#16581

Include user properties and subscription IDs in MqttProperties#isEmpty by @ShadowySpirits in netty/netty#16575

Native DNS resolver: Guard against malloc failures by @normanmaurer in netty/netty#16559

Auto-port 4.2: Increase timeouts for QuicChannelConnectTest by @netty-project-bot in netty/netty#16578

Fix parsing HTTP chunks with multiple extensions by @chrisvest in netty/netty#16579

Bump org.codehaus.plexus:plexus-utils from 3.4.2 to 4.0.3 in /codec-native-quic by @dependabot[bot] in netty/netty#16572

Revert to PR build to Ubuntu 22.04 by @chrisvest in netty/netty#16595

Native transports: Correctly create pipe when pipe2 is not supported by @normanmaurer in netty/netty#16592

Epoll: Cleanup code to always return negative value on failure by @normanmaurer in netty/netty#16591

Fix component search fast path by @yawkat in netty/netty#16548

Stabilize read-only toStringMultipleThreads1 by @chrisvest in netty/netty#16608

Stabilize more AbstractByteBufTests by @chrisvest in netty/netty#16611

Remove note about needing 256-bit for PQC by @chrisvest in netty/netty#16605

Stabilize testSessionInvalidate for Conscrypt by @chrisvest in netty/netty#16615

Quic: Correctly handle SSL_CTX_new failures by @normanmaurer in netty/netty#16622

Make LocalIoHandle public by @rdicroce in netty/netty#16621

Quic: Fix shadowing of variable which leads to incorrectly handling errors by @normanmaurer in netty/netty#16623

Auto-port 4.2: Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @netty-project-bot in netty/netty#16629

Fix shutdownInput bug in kqueue for empty recv buffer by @chrisvest in netty/netty#16630

fix FFM address semantics in directBufferAddress by @dreamlike-ocean in netty/netty#16603

HTTP2: Ensure HTTP2 preface is always send as first message by @normanmaurer in netty/netty#16636

Move Http2FrameCodecSubClassTest to correct package by @normanmaurer in netty/netty#16640

Kqueue: Fix usage of LOCAL_PEERPID by @normanmaurer in netty/netty#16637

Avoid ArrayQueue allocation in HttpServerCodec by @doom369 in netty/netty#16596

Fix file descriptor reuse bug in kqueue by @chrisvest in netty/netty#16650

... (truncated)

Commits

b3844c8 [maven-release-plugin] prepare release netty-4.2.13.Final
82f47fa Merge commit from fork
ada0999 Merge commit from fork
b4051e2 Fix BrotliDecoder not forwarding all decompressed chunks
67207c1 Merge commit from fork
541ca7c Merge commit from fork
943edb3 Fix codec-dns tests
6459a28 Merge commit from fork
b4ba61b Fix checkstyle in HttpObjectDecoder
977661f Merge commit from fork
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps `netty-version` from 4.2.12.Final to 4.2.13.Final. Updates `io.netty:netty-buffer` from 4.2.12.Final to 4.2.13.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.12.Final...netty-4.2.13.Final) Updates `io.netty:netty-common` from 4.2.12.Final to 4.2.13.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.12.Final...netty-4.2.13.Final) Updates `io.netty:netty-handler` from 4.2.12.Final to 4.2.13.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.12.Final...netty-4.2.13.Final) Updates `io.netty:netty-codec-http` from 4.2.12.Final to 4.2.13.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.12.Final...netty-4.2.13.Final) Updates `io.netty:netty-transport` from 4.2.12.Final to 4.2.13.Final - [Release notes](https://github.com/netty/netty/releases) - [Commits](netty/netty@netty-4.2.12.Final...netty-4.2.13.Final) --- updated-dependencies: - dependency-name: io.netty:netty-buffer dependency-version: 4.2.13.Final dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: io.netty:netty-common dependency-version: 4.2.13.Final dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: io.netty:netty-handler dependency-version: 4.2.13.Final dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: io.netty:netty-codec-http dependency-version: 4.2.13.Final dependency-type: direct:development update-type: version-update:semver-patch - dependency-name: io.netty:netty-transport dependency-version: 4.2.13.Final dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-05-05T12:24:28Z

Test Results

1 083 files + 168 1 083 suites +168 4h 22m 24s ⏱️ + 1h 2m 42s
10 084 tests +1 702 9 765 ✅ +1 685 319 💤 +17 0 ❌ ±0
10 272 runs +1 891 9 953 ✅ +1 874 319 💤 +17 0 ❌ ±0

Results for commit 1c71db8. ± Comparison against base commit 9d6ab80.

This pull request removes 60 and adds 1762 tests. Note that renamed tests count towards both.

org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=GUESTS.BY_PASS,TEST, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=org.apache.activemq.security.JaasAuthenticationPlugin@1c39680d}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=queue://TEST, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=SimpleAuthenticationBroker}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=queue://TEST, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=org.apache.activemq.security.JaasAuthenticationPlugin@1c39680d}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=queue://USERS.FOO, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=SimpleAuthenticationBroker}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=queue://USERS.FOO, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=org.apache.activemq.security.JaasAuthenticationPlugin@1c39680d}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=topic://TEST, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=SimpleAuthenticationBroker}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=topic://TEST, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=org.apache.activemq.security.JaasAuthenticationPlugin@1c39680d}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=topic://USERS.FOO, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=SimpleAuthenticationBroker}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {destination=topic://USERS.FOO, password=password, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6, authenticationPlugin=org.apache.activemq.security.JaasAuthenticationPlugin@1c39680d}
org.apache.activemq.security.SimpleSecurityBrokerSystemTest ‑ testGuestReceiveFails {password=password, authenticationPlugin=SimpleAuthenticationBroker, destination=GUESTS.BY_PASS,TEST, userName=guest, authorizationPlugin=org.apache.activemq.security.AuthorizationPlugin@4bf48f6}
…

org.apache.activemq.BrokerConfigTest ‑ testEmbeddedxMLConfig
org.apache.activemq.TwoBrokerTopicSendReceiveUsingHttpTest ‑ testSendReceive
org.apache.activemq.bugs.AMQ2764Test ‑ testBrokerRestart
org.apache.activemq.bugs.AMQ2764Test ‑ testInactivityMonitor
org.apache.activemq.bugs.AMQ9255Test ‑ testExpiredMessages
org.apache.activemq.config.BrokerXmlConfigStartTest ‑ testStartBrokerUsingXmlConfig1[activemq-demo.xml]
org.apache.activemq.config.BrokerXmlConfigStartTest ‑ testStartBrokerUsingXmlConfig1[activemq-dynamic-network-broker1.xml]
org.apache.activemq.config.BrokerXmlConfigStartTest ‑ testStartBrokerUsingXmlConfig1[activemq-dynamic-network-broker2.xml]
org.apache.activemq.config.BrokerXmlConfigStartTest ‑ testStartBrokerUsingXmlConfig1[activemq-jdbc-performance.xml]
org.apache.activemq.config.BrokerXmlConfigStartTest ‑ testStartBrokerUsingXmlConfig1[activemq-jdbc.xml]
…

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels May 5, 2026

jbonofre approved these changes May 6, 2026

View reviewed changes

jbonofre merged commit 0deea08 into main May 6, 2026
11 checks passed

jbonofre deleted the dependabot/maven/netty-version-4.2.13.Final branch May 6, 2026 04:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps-dev): bump netty-version from 4.2.12.Final to 4.2.13.Final#1989

build(deps-dev): bump netty-version from 4.2.12.Final to 4.2.13.Final#1989
jbonofre merged 1 commit intomainfrom
dependabot/maven/netty-version-4.2.13.Final

dependabot Bot commented on behalf of github May 5, 2026

Uh oh!

github-actions Bot commented May 5, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github May 5, 2026

netty-4.2.13.Final

CVEs Fixed

What's Changed

netty-4.2.13.Final

CVEs Fixed

What's Changed

netty-4.2.13.Final

CVEs Fixed

What's Changed

netty-4.2.13.Final

CVEs Fixed

What's Changed

netty-4.2.13.Final

CVEs Fixed

What's Changed

Uh oh!

github-actions Bot commented May 5, 2026

Test Results

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant