python: cve: use latest cryptography and urllib3

Use:
https://raw.githubusercontent.com/openstack/requirements/7d16424510c49daa913fc20a6300427b72522231/upper-constraints.txt
as baseline and then change:

```
cryptography: 43.0.3 to 44.0.1
urllib3: 1.26.20 to 2.5.0
```

Fixes the below pip-audit failures:

```
Found 2 known vulnerabilities in 2 packages
------------ ------- ------------------- -------
cryptography 43.0.3  GHSA-79v4-65xg-pq4g 44.0.1
urllib3      1.26.20 GHSA-pq67-6m6q-mj2v 2.5.0
```

Change-Id: I4c1994ab7dc27f902aa51ac6945776c23f9ff2fd
Signed-off-by: Adrian Vladu <avladu@cloudbasesolutions.com>

Author: ader1990

.github/workflows/cloudbase_init_tests.yml

@@ -1,7 +1,7 @@
 name: Cloudbase-Init tests
 
 env:
-  UPPER_CONSTRAINTS: "https://git.openstack.org/cgit/openstack/requirements/plain/upper-constraints.txt"
+  UPPER_CONSTRAINTS: "upper-constraints.txt"
   TEST_RESOURCES: "https://github.com/cloudbase/cloudbase-init-test-resources"
   TEST_RESOURCES_BRANCH: "master"
 

tox.ini

@@ -7,7 +7,7 @@ skipsdist = True
 usedevelop = True
 setenv = VIRTUAL_ENV={envdir}
 deps =
-  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+  -c{env:TOX_CONSTRAINTS_FILE:upper-constraints.txt}
   -r{toxinidir}/test-requirements.txt
   -r{toxinidir}/requirements.txt
 commands = stestr run --slowest {posargs}
@@ -31,7 +31,7 @@ commands = {posargs}
 
 [testenv:docs]
 deps =
-  -c{env:TOX_CONSTRAINTS_FILE:https://releases.openstack.org/constraints/upper/master}
+  -c{env:TOX_CONSTRAINTS_FILE:upper-constraints.txt}
   -r{toxinidir}/doc/requirements.txt
   -egit+https://github.com/openstack/cloudbase-init\#egg=cloudbase-init
 commands =