Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.220...7.21.0-rc.221

Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.219...7.21.0-rc.220

Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.218...7.21.0-rc.219

Release v4.9.0

Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.217...7.21.0-rc.218

Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.216...7.21.0-rc.217

Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.215...7.21.0-rc.216

Full Changelog: https://github.com/Activiti/Activiti/compare/7.21.0-rc.214...7.21.0-rc.215

• CVE-2026-42586 (netty-codec-redis)
• CVE-2026-42578 (netty-handler-proxy)
• CVE-2026-42587 (netty-codec-http, netty-codec-http2)
• CVE-2026-41417 (netty-codec-http)
• CVE-2026-42581 (netty-codec-http)
• CVE-2026-42580 (netty-codec-http)
• CVE-2026-42585 (netty-codec-http)
• CVE-2026-42579 (netty-codec-dns)
• CVE-2026-42582 (netty-codec-http3)
• CVE-2026-42583 (netty-codec, netty-codec-compression)
• CVE-2026-42584 (netty-codec-http)
• CVE-2026-XXXXX (netty-codec-mqtt)

• Fix IndexOutOfBoundsException in StompSubframeDecoder on heartbeat by @daguimu in https://github.com/netty/netty/pull/16539
• Auto-port 4.1: Fix implementation of strerror_r_xsi for GNU by @netty-project-bot in https://github.com/netty/netty/pull/16561
• Auto-port 4.1: Replace usage of strerror with thread-safe alternative by @netty-project-bot in https://github.com/netty/netty/pull/16555
• Auto-port 4.1: Kqueue: sendfile EINTR doesn't advance offset — data duplication by @netty-project-bot in https://github.com/netty/netty/pull/16554
• Auto-port 4.1: Avoid leak in PemReader on OutOfDirectMemoryError by @netty-project-bot in https://github.com/netty/netty/pull/16576
• Auto-port 4.1: Native DNS resolver: Guard against malloc failures by @netty-project-bot in https://github.com/netty/netty/pull/16584
• Auto-port 4.1: Include user properties and subscription IDs in MqttProperties#isEmpty by @netty-project-bot in https://github.com/netty/netty/pull/16582
• Auto-port 4.1: Fix parsing HTTP chunks with multiple extensions by @netty-project-bot in https://github.com/netty/netty/pull/16588
• Auto-port 4.1: Stabilize read-only toStringMultipleThreads1 by @netty-project-bot in https://github.com/netty/netty/pull/16610
• Auto-port 4.1: Epoll: Cleanup code to always return negative value on failure by @netty-project-bot in https://github.com/netty/netty/pull/16601
• Auto-port 4.1: Stabilize more AbstractByteBufTests by @netty-project-bot in https://github.com/netty/netty/pull/16613
• Auto-port 4.1: Stabilize testSessionInvalidate for Conscrypt by @netty-project-bot in https://github.com/netty/netty/pull/16616
• Auto-port 4.1: Native transports: Correctly create pipe when pipe2 is not supported by @netty-project-bot in https://github.com/netty/netty/pull/16598
• Use stream error for maxContentLength exceeded in InboundHttp2ToHttpAdapter by @daguimu in https://github.com/netty/netty/pull/16558
• Fix shutdownInput bug in kqueue for empty recv buffer (#16630) by @normanmaurer in https://github.com/netty/netty/pull/16638
• Auto-port 4.1: Kqueue: Fix usage of LOCAL_PEERPID by @netty-project-bot in https://github.com/netty/netty/pull/16646
• Auto-port 4.1: HTTP2: Ensure HTTP2 preface is always send as first message by @netty-project-bot in https://github.com/netty/netty/pull/16642
• Auto-port 4.1: Propagate exceptions from inner threads in buffer tests by @netty-project-bot in https://github.com/netty/netty/pull/16652
• Auto-port 4.1: Add maxFrameLength support to ProtobufVarint32FrameDecoder by @netty-project-bot in https://github.com/netty/netty/pull/16658
• Auto-port 4.1: Bump up netty-tcnative to 2.0.76.Final by @netty-project-bot in https://github.com/netty/netty/pull/16672
• HTTP2: Ensure HTTP2 preface is always send as first message (also on … by @chrisvest in https://github.com/netty/netty/pull/16675
• Improve flaky NioSocketChannelTest (#16679) by @normanmaurer in https://github.com/netty/netty/pull/16681
• Deprecate ObjectCleaner and remove usage (#16685) by @chrisvest in https://github.com/netty/netty/pull/16694
• Auto-port 4.1: Update to netty-tcnative 2.0.77.Final by @netty-project-bot in https://github.com/netty/netty/pull/16695
• Avoid NPE in JdkSslServerContext when TrustManagerFactory returns null by @daguimu in https://github.com/netty/netty/pull/16691
• Avoid NPE in JdkSslClientContext when TrustManagerFactory returns null by @daguimu in https://github.com/netty/netty/pull/16690
• Auto-port 4.1: Avoid TCPFastOpen in KQueueCompositeBufferGatheringWriteTest by @netty-project-bot in https://github.com/netty/netty/pull/16699
• Auto-port 4.1: SCTP: Correctly handle SO_BACKLOG by @netty-project-bot in https://github.com/netty/netty/pull/16715
• Fix DiscardClient hang under -Dssl by using a client SSL context by @daguimu in https://github.com/netty/netty/pull/16717
• Auto-port 4.1: Consolidate fake exceptions in HTTP/2 tests into Http2TestUtil by @netty-project-bot in https://github.com/netty/netty/pull/16725
• Auto-port 4.1: Activate noPrintGC by default by @netty-project-bot in https://github.com/netty/netty/pull/16735
• Merge commit from fork by @normanmaurer in https://github.com/netty/netty/pull/16742

• @daguimu made their first contribution in https://github.com/netty/netty/pull/16539

Full Changelog: https://github.com/netty/netty/compare/netty-4.1.132.Final...netty-4.1.133.Final