Denial of Service (DoS) vulnerability in 4.1.60.Final

[ronanwatkins]

Recommend upgrading netty.version to 4.1.68.Final in the pom.
It's causing snyk to report high vulnerabilities from projects using this dependency.

More details: https://app.snyk.io/vuln/SNYK-JAVA-IONETTY-1584063

[ronanwatkins]

I've opened this PR to address it: #1803

[dari0g]

Is there an update on this issue?

Need to resolve:

• CVE-2021-37136
• CVE-2021-37137

[ronanwatkins]

Unfortunately, it seems like this project isn't getting much attention anymore. The last commit was 7 months ago and the previous maintainer tweeted that he doesn't have time to maintain this project anymore.

[dari0g]

Will we have a new maintainer since the previous maintainer does not have the availability to maintain it?

[hyperxpro]

Will be fixed in the v3.0.0 release.