[fix][sec] Upgrade to Netty 4.1.118 #23965

Merged
merged 2 commits into from
Feb 11, 2025

merlimat
Contributor

Motivation

┌─────────────────────────────────────────────────────┬────────────────┬──────────┬──────────┬───────────────────┬───────────────┬───────────────────────────────────────────────────────────┐
│                       Library                       │ Vulnerability  │ Severity │  Status  │ Installed Version │ Fixed Version │                           Title                           │
├─────────────────────────────────────────────────────┼────────────────┼──────────┼──────────┼───────────────────┼───────────────┼───────────────────────────────────────────────────────────┤
│ io.netty:netty-handler                              │ CVE-2025-24970 │ HIGH     │ fixed    │ 4.1.117.Final     │ 4.1.118.Final │ Netty, an asynchronous, event-driven network application  │
│ (io.netty-netty-handler-4.1.117.Final.jar)          │                │          │          │                   │               │ framework, ha ...                                         │
│                                                     │                │          │          │                   │               │ https://avd.aquasec.com/nvd/cve-2025-24970                │
├─────────────────────────────────────────────────────┼────────────────┼──────────┤          ├───────────────────┼───────────────┼───────────────────────────────────────────────────────────┤

Modifications

Verifying this change

  • Make sure that the change passes the CI checks.

(Please pick either of the following options)

This change is a trivial rework / code cleanup without any test coverage.

(or)

This change is already covered by existing tests, such as (please describe tests).

(or)

This change added tests and can be verified as follows:

(example:)

  • Added integration tests for end-to-end deployment with large payloads (10MB)
  • Extended integration test for recovery after broker failure

Does this pull request potentially affect one of the following parts:

If the box was checked, please highlight the changes

  • Dependencies (add or upgrade a dependency)
  • The public API
  • The schema
  • The default values of configurations
  • The threading model
  • The binary protocol
  • The REST endpoints
  • The admin CLI options
  • The metrics
  • Anything that affects deployment

Documentation

  • doc
  • doc-required
  • doc-not-needed
  • doc-complete

Matching PR in forked repository

PR in forked repository:

@merlimat merlimat added this to the 4.1.0 milestone Feb 11, 2025
@merlimat merlimat requested a review from lhotari February 11, 2025 18:24
@merlimat merlimat self-assigned this Feb 11, 2025
@github-actions github-actions bot added the doc-not-needed Your PR changes do not impact docs label Feb 11, 2025
@codecov-commenter
codecov-commenter commented Feb 11, 2025

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 74.25%. Comparing base (bbc6224) to head (e313435).
Report is 900 commits behind head on master.

Additional details and impacted files

@@             Coverage Diff              @@
##             master   #23965      +/-   ##
============================================
+ Coverage     73.57%   74.25%   +0.68%     
+ Complexity    32624    32281     -343     
============================================
  Files          1877     1853      -24     
  Lines        139502   143821    +4319     
  Branches      15299    16339    +1040     
============================================
+ Hits         102638   106795    +4157     
+ Misses        28908    28636     -272     
- Partials       7956     8390     +434     
Flag Coverage Δ
inttests 26.85% <ø> (+2.26%) ⬆️
systests 23.25% <ø> (-1.08%) ⬇️
unittests 73.77% <ø> (+0.93%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 1040 files with indirect coverage changes

@lhotari lhotari changed the title Upgrade to Netty 4.1.118 [fix][sec] Upgrade to Netty 4.1.118 Feb 11, 2025
@lhotari lhotari merged commit 8ca91fd into apache:master Feb 11, 2025
53 of 54 checks passed
@merlimat merlimat deleted the netty-4.1.118 branch February 11, 2025 20:55
merlimat added a commit that referenced this pull request Feb 11, 2025
hanmz pushed a commit to hanmz/pulsar that referenced this pull request Feb 12, 2025
nikhil-ctds pushed a commit to datastax/pulsar that referenced this pull request Feb 19, 2025
mukesh-ctds pushed a commit to datastax/pulsar that referenced this pull request Feb 20, 2025
srinath-ctds pushed a commit to datastax/pulsar that referenced this pull request Feb 24, 2025
3 participants