upgrade dependencies

[bmw]

It's probably fine, but we may want to upgrade dependencies to fix https://github.com/certbot/certbot/security/dependabot. My personal feeling is it's always better to just upgrade than to try and convince ourselves the problems don't affect us.

Repinning things is easy enough, but then we hit problems trying to build cryptography in our docker images. OK! To fix that I upgraded our base docker image to a newer one like we've done before in PRs like #9415.

Unfortunately, with this change cryptography takes (maybe literally) forever to build. (Looking at previous successful nightly builds, that job normally only takes about an hour.)

I tried upgrading things a little less aggressively at https://dev.azure.com/certbot/certbot/_build/results?buildId=7464&view=results. We'll see what happens 🤞