BAU-28233 Fixed the Path Traversal issue from SelfUpdate.php file

[remus-iesan-natterbox]

This pull request addresses a security vulnerability in the SelfUpdate.php file related to path traversal. The vulnerability could have allowed an attacker to overwrite files outside the intended directory by manipulating the target filename during the self-update process.

Changes Made

• Introduced validation using realpath($this->filename) to resolve the absolute path of the target file.
• Ensured the resolved path is within the application's current working directory by checking it starts with getcwd().
• If the target filename is invalid or points outside the allowed directory, an exception is thrown and the update does not proceed.
• The PHAR file is only renamed and updated if all security checks pass.

Motivation

This change is necessary to prevent potential path traversal attacks during the self-update process, ensuring that updates cannot overwrite files outside the application directory.

[natterbox-integration]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ license/snyk check is complete. No issues have been found. (View Details)

✅ code/snyk check is complete. No issues have been found. (View Details)

[orca-security-eu]

Orca Security Scan Summary

Status	Check	Issues by priority
Passed	Infrastructure as Code	0   0   0   0	View in Orca
Passed	SAST	0   0   0   0	View in Orca
Passed	Secrets	0   0   0   0	View in Orca
Passed	Vulnerabilities	0   0   0   0	View in Orca