From 9a89a2c74b9a2bcc48e0778e88d91333dfb6c44b Mon Sep 17 00:00:00 2001
From: NikhilPatil <nikhil.patil5@ibm.com>
Date: Thu, 13 Feb 2025 13:29:27 +0530
Subject: [PATCH 1/2] CVE-2025-24970 high vul fix

---
 provider/notification-ibm/pom.xml | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/provider/notification-ibm/pom.xml b/provider/notification-ibm/pom.xml
index 0bc62b716..7f0a83f06 100644
--- a/provider/notification-ibm/pom.xml
+++ b/provider/notification-ibm/pom.xml
@@ -55,18 +55,16 @@
         <groupId>io.undertow</groupId>
         <artifactId>undertow-websockets-jsr</artifactId>
       </dependency>
-      <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-bom</artifactId>
-            <version>4.1.118.Final</version>
-            <type>pom</type>
-            <scope>import</scope>
-      </dependency>
 
     </dependencies>
   </dependencyManagement>
 
     <dependencies>
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-handler</artifactId>
+            <version>4.1.118.Final</version>
+        </dependency>
 	    <dependency>
 	        <groupId>org.opengroup.osdu</groupId>
 	        <artifactId>os-core-lib-ibm</artifactId>
@@ -100,6 +98,12 @@
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>notification-core</artifactId>
             <version>0.28.0-SNAPSHOT</version>
+            <exclusions>
+                    <exclusion>
+                        <groupId>io.netty</groupId>
+                        <artifactId>netty-handler</artifactId>
+                    </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
     		<groupId>org.springframework.security</groupId>
-- 
GitLab


From 3318dbad8d81553215ddb7d8fdc5b1a6ba5f6a92 Mon Sep 17 00:00:00 2001
From: NikhilPatil <nikhil.patil5@ibm.com>
Date: Thu, 13 Feb 2025 13:29:27 +0530
Subject: [PATCH 2/2] CVE-2025-24970 high vul fix

---
 provider/notification-ibm/pom.xml | 18 +++++++++++-------
 1 file changed, 11 insertions(+), 7 deletions(-)

diff --git a/provider/notification-ibm/pom.xml b/provider/notification-ibm/pom.xml
index 0bc62b716..7f0a83f06 100644
--- a/provider/notification-ibm/pom.xml
+++ b/provider/notification-ibm/pom.xml
@@ -55,18 +55,16 @@
         <groupId>io.undertow</groupId>
         <artifactId>undertow-websockets-jsr</artifactId>
       </dependency>
-      <dependency>
-            <groupId>io.netty</groupId>
-            <artifactId>netty-bom</artifactId>
-            <version>4.1.118.Final</version>
-            <type>pom</type>
-            <scope>import</scope>
-      </dependency>
 
     </dependencies>
   </dependencyManagement>
 
     <dependencies>
+        <dependency>
+            <groupId>io.netty</groupId>
+            <artifactId>netty-handler</artifactId>
+            <version>4.1.118.Final</version>
+        </dependency>
 	    <dependency>
 	        <groupId>org.opengroup.osdu</groupId>
 	        <artifactId>os-core-lib-ibm</artifactId>
@@ -100,6 +98,12 @@
             <groupId>org.opengroup.osdu</groupId>
             <artifactId>notification-core</artifactId>
             <version>0.28.0-SNAPSHOT</version>
+            <exclusions>
+                    <exclusion>
+                        <groupId>io.netty</groupId>
+                        <artifactId>netty-handler</artifactId>
+                    </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
     		<groupId>org.springframework.security</groupId>
-- 
GitLab