Upgrade dependencies to resolve vulnerabilities

[sethmlarson]

Upgrades Django, urllib3, lxml, and Pillow to resolve known vulnerabilities. To use urllib3 v2.x, required updating boto3 and botocore which was not being upgraded due to Dependabot exclusion. That exclusion is removed in #2993

NAME     INSTALLED  FIXED-IN  TYPE    VULNERABILITY        SEVERITY  EPSS%  RISK  
django   5.2.11     5.2.12    python  GHSA-8p8v-wh79-9r56  High      45.52    0.2  
urllib3  1.26.20    2.5.0     python  GHSA-pq67-6m6q-mj2v  Medium    23.06  < 0.1  
lxml     5.2.2      6.1.0     python  GHSA-vfmq-68hx-4jfw  High      12.13  < 0.1  
django   5.2.11     5.2.13    python  GHSA-933h-hp56-hf7m  High      10.67  < 0.1  
django   5.2.11     5.2.13    python  GHSA-5mf9-h53q-7mhq  Medium    12.70  < 0.1  
urllib3  1.26.20    2.6.3     python  GHSA-38jv-5279-wg99  High       8.62  < 0.1  
urllib3  1.26.20    2.6.0     python  GHSA-gm62-xv2j-4w53  High       5.83  < 0.1  
pillow   10.4.0     12.2.0    python  GHSA-whj4-6x5x-4v2j  High       3.79  < 0.1  
urllib3  1.26.20    2.6.0     python  GHSA-2xpw-w6gg-jr37  High       2.78  < 0.1  
pillow   10.4.0     12.1.1    python  GHSA-cfh3-3jmp-rvhc  High       2.79  < 0.1  
django   5.2.11     5.2.13    python  GHSA-mvfq-ggxm-9mc5  High       3.06  < 0.1  
django   5.2.11     5.2.13    python  GHSA-pwjp-ccjc-ghwg  Low        5.52  < 0.1  
django   5.2.11     5.2.13    python  GHSA-mmwr-2jhp-mc7j  Low        1.98  < 0.1  
django   5.2.11     5.2.12    python  GHSA-mjgh-79qc-68w3  Low        1.38  < 0.1  
pillow   10.4.0     12.2.0    python  GHSA-pwv6-vv43-88gr  High        N/A    N/A  
pillow   10.4.0     12.2.0    python  GHSA-r73j-pqj5-w3x7  Medium      N/A    N/A  
pillow   10.4.0     12.2.0    python  GHSA-wjx4-4jcj-g98j  Medium      N/A    N/A

[JacobCoffee]

hesitant because of the major bumps but digging in it seems ok