Netty multiple cve fix release 4.1.133.Final

[chris-mcc]

Describe the bug

Hi,

good version bump time

CVEs Fixed

[CVE-2026-42586](https://github.com/netty/netty/security/advisories/GHSA-rgrr-p7gp-5xj7) (netty-codec-redis)
[CVE-2026-42578](https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr) (netty-handler-proxy)
[CVE-2026-42587](https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv) (netty-codec-http, netty-codec-http2)
[CVE-2026-41417](https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv) (netty-codec-http)
[CVE-2026-42581](https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9) (netty-codec-http)
[CVE-2026-42580](https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723) (netty-codec-http)
[CVE-2026-42585](https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv) (netty-codec-http)
[CVE-2026-42579](https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm) (netty-codec-dns)
[CVE-2026-42582](https://github.com/netty/netty/security/advisories/GHSA-2c5c-chwr-9hqw) (netty-codec-http3)
[CVE-2026-42583](https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6) (netty-codec, netty-codec-compression)
[CVE-2026-42584](https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3) (netty-codec-http)
[CVE-2026-44248](https://github.com/netty/netty/security/advisories/GHSA-jfg9-48mv-9qgx) (netty-codec-mqtt)

Regression Issue

• Select this option if this issue appears to be a regression.

Expected Behavior

Current release for cve fixes

Current Behavior

unpatched version

Reproduction Steps

n/a

Possible Solution

version bump

Additional Information/Context

No response

AWS Java SDK version used

2.44.1

JDK version used

25.0.3

Operating System and version

ubuntu 24.04.4

[debora-ito]

@chris-mcc thank you for reporting.

The SDK doesn't use some of the packages on that list of CVEs. But we'll upgrade.