Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP7-2026-1353


Security update for netty, netty-tcnative


Type: security
Severity: important
Issued: 2026-04-15
Description:
This update for netty, netty-tcnative fixes the following issues:

Update to 4.1.132:

- CVE-2026-33870: incorrect parsing of quoted strings in HTTP/1.1 can lead to request smuggling (bsc#1261031).
- CVE-2026-33871: sending a flood of CONTINUATION frames can lead to a denial of service (bsc#1261043).

Changelog:

- Upgrade to upstream version 4.1.132
 * Fixes:
 + Fix Incorrect nanos-to-millis conversion in epoll_wait EINTR
 retry loop
 + Make RefCntOpenSslContext.deallocate more robust
 + HTTP2: Correctly account for padding when decompress
 + Fix high-order bit aliasing in HttpUtil.validateToken
 + fix: the precedence of + is higher than >>
 + AdaptiveByteBufAllocator: make sure byteBuf.capacity() not
 greater than byteBuf.maxCapacity()
 + AdaptivePoolingAllocator: call unreserveMatchingBuddy(...)
 if byteBuf initialization failed
 + Don't assume CertificateFactory is thread-safe
 + Fix HttpObjectAggregator leaving connection stuck after 413
 with AUTO_READ=false
 + HTTP2: Ensure preface is flushed in all cases
 + Fix UnsupportedOperationException in readTrailingHeaders
 + Fix client_max_window_bits parameter handling in
 permessage-deflate extension
 + Native transports: Fix possible fd leak when fcntl fails.
 + Kqueue: Fix undefined behaviour when GetStringUTFChars fails
 and SO_ACCEPTFILTER is supported
 + Kqueue: Possible overflow when using
 netty_kqueue_bsdsocket_setAcceptFilter(...)
 + Native transports: Fix undefined behaviour when
 GetStringUTFChars fails while open FD
 + Epoll: Add null checks for safety reasons
 + Epoll: Use correct value to initialize mmsghdr.msg_namelen
 + Epoll: Fix support for IP_RECVORIGDSTADDR
 + AdaptivePoolingAllocator: remove ensureAccessible() call in
 capacity(int) method
 + Epoll: setTcpMg5Sig(...) might overflow
 + JdkZlibDecoder: accumulate decompressed output before firing
 channelRead
 + Limit the number of Continuation frames per HTTP2 Headers
 (bsc#1261043, CVE-2026-33871)
 + Stricter HTTP/1.1 chunk extension parsing (bsc#1261031,
 CVE-2026-33870)
 + rediff
- Upgrade to upstream version 4.1.131
 + NioDatagramChannel.block(...) does not early return on failure
 + Support for AWS Libcrypto (AWS-LC) netty-tcnative build
 + codec-dns: Decompress MX RDATA exchange domain names during
 DNS record decoding
 + Buddy allocation for large buffers in adaptive allocator
 + SslHandler: Only resume on EventLoop if EventLoop is not
 shutting down already
 + Wrap ECONNREFUSED in PortUnreachableException for UDP
 + Bump com.ning:compress-lzf (4.1)
 + Fix adaptive allocator bug from not noticing failed allocation
 + Avoid losing original read exception
 + Backport multiple adaptive allocator changes
- Upgrade to version 4.1.130
- Upgrade to version 2.0.75 Final
 * No formal changelog present
 * Needed by netty >= 4.2.11


              

Packages


  • netty-4.1.132-150200.4.43.1