fix: CVE-2021-20218 vulnerable to a path traversal

[manusa]

Description

Provided fix and tests for path traversal vulnerability.

Added a partial copy of Apache Commons IO FilenameUtils to avoid adding any dependency, especially considering the fix might be back-ported to very early versions (>=v4.2.0).
The package for this copied classes (io.fabric8.kubernetes.client.lib) has been decided to avoid OSGi issues regarding exported and imported modules

Relates to:

• Potential CVE? #2715
• 6f7b79f
• Better File utilities #2752

Type of change

• Bug fix (non-breaking change which fixes an issue)
• Feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to change
• Chore (non-breaking change which doesn't affect codebase;
  test, version modification, documentation, etc.)

Checklist

• Code contributed by me aligns with current project license: Apache 2.0
• I Added CHANGELOG entry regarding this change
• I have implemented unit tests to cover my changes
• I have added/updated the javadocs and other documentation accordingly
• No new bugs, code smells, etc. in SonarCloud report
• I tested my code in Kubernetes
• I tested my code in OpenShift

[centos-ci]

Can one of the admins verify this patch?

[manusa]

n.b. K8s E2E tests won't pass in this version because the GH action is not compatible with the newly provided environment by GitHub (Ubuntu 20.04 as opposed to Ubuntu 18.04)

Same for Sonar task:

The version of Java (1.8.0_282) you have used to run this analysis is deprecated and we stopped accepting it. Please update to at least Java 11.