I'm going to upgrade the following third party libraries in order to address vulnerabilities found in them:
- io.netty:netty 3.10.5.Final -> 3.10.6.Final (CVE-2015-2156 (H), CVE-2014-3488 (H), protobuf: CVE-2015-5237 (H), npn-api: CVE-2017-9735 (H), CVE-1999-1198 (H), CVE-1999-1193 (H))
- org.slf4j:slf4j-api 1.7.5 -> 1.7.25
- log4j:log4j 1.2.16 -> 1.2.17
Please review the list and let me know if you have any concerns or would like to add more deps to upgrade.