ENT-10888,ENT-11108 - Security vulnerabilties (#7556)

* Security vulnerabilties
* Upgraded netty
* ENT-11108: Upgraded tcnative depedency to 2.2.224.
* Added architecture classifiers for netty-tcnative

constants.properties

@@ -38,7 +38,7 @@ openSourceBranch=https://github.com/corda/corda/blob/release/os/4.4
 openSourceSamplesBranch=https://github.com/corda/samples/blob/release-V4
 jolokiaAgentVersion=1.6.1
 detektVersion=1.0.1
-tcnativeVersion=2.0.48.Final
+tcnativeVersion=2.0.62.Final
 commonsConfiguration2Version=2.8.0
 commonsTextVersion=1.10.0
 
@@ -52,14 +52,14 @@ artemisVersion=2.19.1
 # TODO Upgrade Jackson only when corda is using kotlin 1.3.10
 jacksonVersion=2.13.5
 jacksonKotlinVersion=2.9.7
-jettyVersion=9.4.52.v20230823
+jettyVersion=9.4.53.v20231009
 jerseyVersion=2.25
 servletVersion=4.0.1
 assertjVersion=3.12.2
 slf4JVersion=1.7.30
 log4JVersion=2.17.1
 okhttpVersion=3.14.9
-nettyVersion=4.1.77.Final
+nettyVersion=4.1.100.Final
 fileuploadVersion=1.4
 kryoVersion=4.0.2
 kryoSerializerVersion=0.43

node/build.gradle

@@ -209,7 +209,12 @@ dependencies {
     compile "com.palominolabs.metrics:metrics-new-relic:${metrics_new_relic_version}"
 
     // Adding native SSL library to allow using native SSL with Artemis and AMQP
-    compile "io.netty:netty-tcnative-boringssl-static:$tcnative_version"
+    compile "io.netty:netty-tcnative-boringssl-static:$tcnative_version:linux-x86_64"
+    compile "io.netty:netty-tcnative-boringssl-static:$tcnative_version:linux-aarch_64"
+    compile "io.netty:netty-tcnative-boringssl-static:$tcnative_version:osx-x86_64"
+    compile "io.netty:netty-tcnative-boringssl-static:$tcnative_version:osx-aarch_64"
+    compile "io.netty:netty-tcnative-boringssl-static:$tcnative_version:windows-x86_64"
+    compile "io.netty:netty-tcnative-classes:$tcnative_version"
 
     // Byteman for runtime (termination) rules injection on the running node
     // Submission tool allowing to install rules on running nodes