gRPC Java 1.22.1 is released and available on Maven Central and JCenter.
https://github.com/grpc/grpc-java/releases/tag/v1.21.1
This release resolves the DoS vulnerability CVE-2019-9515 (SETTINGS flood). Users using the grpc-netty server with untrusted clients should upgrade.