Update netty to 4.1.72.Final

[vrvs]

What version of gRPC-Java are you using?
https://github.com/grpc/grpc-java/releases/tag/v1.43.1

What is your environment?
Ubuntu 20.04.3 (Azure pipelines)

PaloAltoNetworks' Prisma Cloud Scan shows some vulnerabilities in netty-codec.
The version 4.1.68.Final and later has not any high severity issues. And the 4.1.71.Final and later has none.

Vulnerabilities fixed in 4.1.68.Final: https://snyk.io/vuln/maven:io.netty%3Anetty-codec

Vulnerability fixed in 4.1.71.Final: https://security.snyk.io/vuln/SNYK-JAVA-IONETTY-2314893

[sergiitk]

This is in progress, see #8780.

[ejona86]

Closing as a duplicate of #8617 (yes, that is to upgrade to an older version of Netty, but our intention is to upgrade to 4.1.72; this can be re-opened if we don't end up upgrading to 4.1.72). Note that we recommend using grpc-netty-shaded is not vulnerable to the mentioned vulnerabilities.

When using grpc-netty, you are free to use newer versions of Netty, but recognize that regressions/incompatibilities are not as rare as we'd hope.