upgrade commons.io to 2.11.0 from 2.5 for 1.6.x branch

2.5 has a vulnerability [CVE-2021-29425](https://ossindex.sonatype.org/vulnerability/82848549-29bd-4594-b983-e61e4b2c6924?component-type=maven&component-name=commons-io.commons-io&utm_source=ossindex-client&utm_medium=integration&utm_content=1.7.0)


