updating netty to v. 4.1.118.Final

[stecurran-est-tech]

Why:
Update to address CVE-2025-25193 and CVE-2025-24970
https://nvd.nist.gov/vuln/detail/CVE-2025-25193
https://nvd.nist.gov/vuln/detail/CVE-2025-24970

What:
Netty version 4.1.114.Final to 4.1.118.Final
Affecting io.netty:netty-handler and io.netty:netty-transport-native-epoll

Expected Behavior:
Vulnerability scanning should not output evidence of impacted netty version after update
cruise-control should build successfully after update.

Actual Behavior:
Vulnerability scanning did not output evidence of impacted netty version after update
cruise-control build was successful after update.

Categorization:
security/CVE

[stecurran-est-tech]

Resolved through "fix: updated dependencies to fix CVEs #2278"

[stecurran-est-tech]

Re-opening due to potential delays with implementing #2278

[stecurran-est-tech]

This should be okay to merge, this addresses netty update in #2278
@aswinayyolath are you okay with this?

Could one of the maintainers have a look?
@mhratson @CCisGG

Thanks

[CCisGG]

Running internal checks. Will merge once the check pass.

[ivonaest]

Updating netty and vertex versions to fix CVEs #2310
@CCisGG Would you mind taking a look at my pull request which remediates all of the CVEs connected to netty.

Thank you