ESAPI / esapi-java-legacy

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library that makes it easier for programmers to write lower-risk applications.
https://owasp.org/www-project-enterprise-security-api/

Initial 2.5.2.0 release preparation #784

Closed kwwall closed 1 year ago

kwwall commented 1 year ago

Mostly to address CVE-2023-24998 in Apache Commons Files Upload, but other minor changes described in the 2.5.2.0 release notes (which are included).

kwwall commented 1 year ago

@jeremiahjstacey and @xeno6696 - One of you at least needs to review and approve this PR. (I can do the merge, as I want to add a few comments during the merge.)

Jeremiah, please at least look at HTTPUtilitiesTest.java and the changes there. You will see that I have a few questions, and you seem to have a lot of expertise about JUnit. There is a chunk of new code in DefaultHTTPUtilities.java that references FIXME and mentions your GitHub ID. I wasn't able to see the log output when I locally changed the log level from INFO to DEBUG. Maybe you can tell me what I was doing wrong. I changed it in both places in the file esapi-java-logging.properties, which I thought was the only place I needed to tweak it.

kwwall commented 1 year ago

@jeremiahjstacey - In case @xeno6696 doesn't get around to approving this, let me do the merge, as I may wish to add some additional comments here. (Or not; I haven't really decided, but I will probably want to edit them a bit and prefer not to have to do 'git commit --amend'.) So I will wait until COB tomorrow for @xeno6696's approval, but if he doesn't have time, I will proceed with the merge without him.

P.S.- Thanks for the review and the tips! (I was going to write 'pointers', but this is Java, so no pointers.)