ZOOKEEPER-4209: Update Netty to 4.1.53.Final

[frederiko]

Update Netty to 4.1.53.Final on 3.5 branch to address the vulnerability described at https://snyk.io/vuln/SNYK-JAVA-IONETTY-1020439

[maoling]

@frederiko

• I saw that the current latest version is 4.1.59.Final, Why not choose this one ?
• I observe the master also has that vulnerability, we can upgrade master firstly, then apply to branch-3.6 and branch-3.5 at the convenience
• The vulnerability only affects the netty-codec-http component and ZooKeeper doesn't use that component?

[frederiko]

@maoling

• Good question. I don't see anything that could have prevented to be upgraded to 4.1.59.Final. Just tried to prevent any issues and address the issue at hand. In fact, I will change to the latest.
• Yes, that can be done. However, for whatever reason mvn verify was breaking on my machine. Realized that maven was not too happy with openjdk version I had. Using zulu 11 has helped.
• I don't think zookeeper uses that at all. My goal here is to have vulnerability scanning tools to get this one out of the way.

[frederiko]

@maoling I have opened a new PR to address the issues above. #1605.

[frederiko]

Closed in favor of #1605