Update maven file_name regex for full string

Do a full string check on maven file_name rather
than just a single line to prevent malicious
attacks.

changelogs/unreleased/security-400-path-traversal-rce2.yml

+---
+title: Update maven_file_name_regex for full string match
+merge_request:
+author:
+type: security

ee/lib/ee/gitlab/regex.rb

@@ -28,7 +28,7 @@ module EE
         end
 
         def maven_file_name_regex
-          @maven_file_name_regex ||= %r{^[A-Za-z0-9\.\_\-\+]+$}.freeze
+          @maven_file_name_regex ||= %r{\A[A-Za-z0-9\.\_\-\+]+\z}.freeze
         end
 
         def maven_path_regex

ee/spec/lib/gitlab/regex_spec.rb

@@ -67,6 +67,7 @@ describe Gitlab::Regex do
     it { is_expected.not_to match('@@foo/bar') }
     it { is_expected.not_to match('my package name') }
     it { is_expected.not_to match('!!()()') }
+    it { is_expected.not_to match("..\n..\foo") }
   end
 
   describe '.maven_file_name_regex' do