fix(opensearch-3): GHSA-84h7-rjj3-6jx4

Bump netty version to 4.2.8.Final

Relates: chainguard-dev/CVE-Dashboard#51553

<!--ci-cve-scan:fail-any-->

Author: catmsred

opensearch-3.yaml

@@ -109,6 +109,10 @@ pipeline:
       tag: ${{package.version}}
       expected-commit: 00336141f90b2456d7aa35e9052fd6baf7147423
 
+  - uses: patch
+    with:
+      patches: netty-bump.patch
+
   - runs: |
       echo "org.gradle.daemon=false" >> gradle.properties
       gradle localDistro --parallel -Dbuild.snapshot="false" -Dbuild.version_qualifier=""
@@ -190,6 +194,9 @@ subpackages:
 
           echo "Using plugin tag: $LATEST_TAG"
           git checkout --quiet "$LATEST_TAG"
+      - uses: patch
+        with:
+          patches: netty-bump.patch
       - runs: |
           cd ./plugins/${{range.key}}
 

opensearch-3/netty-bump.patch

@@ -0,0 +1,12 @@
+diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
+--- a/gradle/libs.versions.toml
++++ b/gradle/libs.versions.toml
+@@ -36,7 +36,7 @@ json_smart        = "2.5.2"
+ # when updating the JNA version, also update the version in buildSrc/build.gradle
+ jna               = "5.16.0"
+
+-netty             = "4.2.7.Final"
++netty             = "4.2.8.Final"
+ joda              = "2.12.7"
+ roaringbitmap     = "1.3.0"
+