Open
Labels: dependencies (Pull requests that update a dependency file)
Description
We currently have several dependencies flagged as vulnerable (or that might not even be used). For instance, in some Dockerfiles the RPM copies of pip/setuptools ship setuptools-53.0.0, which is flagged by vulnerability scanners (CVE-2022-40897), or another case with CVE-2022-2255. Yet later installing an up-to-date wheel (e.g. 65.x) means that the RPM artefacts are no longer needed and can be removed. I suggest performing some upgrades, and since this involves quite some effort/testing to check that we didn't break anything, I am placing a dedicated issue for that here.
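As an added example (not code from this repository or its Dockerfiles), the following POSIX shell audit finds every setuptools metadata directory under an image root, such as an RPM-installed egg-info left beside a newer pip wheel, and flags copies below a version floor. Scanners enumerate package metadata on disk rather than asking Python which copy `import setuptools` resolves to, so a newer wheel that merely shadows the RPM copy does not clear the finding; the stale directory has to go. The floor of 65.5.1 (the version the CVE-2022-40897 advisory lists as fixed) and the constructed sample tree in `build_fixture` are assumptions for the demo; point `vulnerable_copies` at a real root such as a container filesystem mounted on the host.

```shell
#!/bin/sh
# Added example, not code from this project: audit an image root for leftover
# setuptools copies (e.g. an RPM egg-info shadowed by a newer pip wheel) and
# flag any below a floor. The floor is an assumption here; 65.5.1 is the
# version the CVE-2022-40897 advisory lists as fixed. Override with
# MIN_SETUPTOOLS=... in the environment.
MIN_SETUPTOOLS="${MIN_SETUPTOOLS:-65.5.1}"
TAB="$(printf '\t')"

# version_ge A B: succeed when dotted version A >= B. Only the numeric prefix
# of each part is compared ("65.5.1rc1" counts as 65.5.1); missing parts are 0.
version_ge() {
  a="$1." b="$2."
  while [ -n "$a" ] || [ -n "$b" ]; do
    x="${a%%.*}"; a="${a#*.}"
    y="${b%%.*}"; b="${b#*.}"
    x="${x%%[!0-9]*}"; y="${y%%[!0-9]*}"
    x="${x:-0}"; y="${y:-0}"
    [ "$x" -gt "$y" ] && return 0
    [ "$x" -lt "$y" ] && return 1
  done
  return 0
}

# find_setuptools_copies ROOT: print "version<TAB>path" for every setuptools
# metadata directory under ROOT. pip wheels leave setuptools-<ver>.dist-info;
# the RPM python3-setuptools leaves setuptools-<ver>-pyX.Y.egg-info.
find_setuptools_copies() {
  find "$1" -type d \( -name 'setuptools-*.dist-info' -o -name 'setuptools-*.egg-info' \) 2>/dev/null |
  while IFS= read -r p; do
    n="${p##*/}"
    v="${n#setuptools-}"
    v="${v%.dist-info}"; v="${v%.egg-info}"; v="${v%%-py*}"
    printf '%s\t%s\n' "$v" "$p"
  done
}

# vulnerable_copies ROOT: the subset of copies below MIN_SETUPTOOLS, same format.
vulnerable_copies() {
  find_setuptools_copies "$1" | while IFS="$TAB" read -r v p; do
    version_ge "$v" "$MIN_SETUPTOOLS" || printf '%s\t%s\n' "$v" "$p"
  done
}

# build_fixture: constructed sample tree (not a real image) reproducing the
# situation in the issue: RPM setuptools 53.0.0 next to a pip-installed 65.5.1.
build_fixture() {
  root="$(mktemp -d)"
  mkdir -p "$root/usr/lib/python3.9/site-packages/setuptools-53.0.0-py3.9.egg-info" \
           "$root/usr/local/lib/python3.9/site-packages/setuptools-65.5.1.dist-info"
  printf '%s\n' "$root"
}

# report ROOT: human-readable listing; exit status 1 when anything is flagged,
# so it can gate an image build.
report() {
  vulnerable_copies "$1" | while IFS="$TAB" read -r v p; do
    echo "FLAG setuptools $v below $MIN_SETUPTOOLS at $p (stale copy, candidate for removal)"
  done
  [ "$(vulnerable_copies "$1" | grep -c .)" -eq 0 ]
}

# Run with --demo to audit the constructed fixture; otherwise only define
# the functions so the script can be sourced.
case "${1:-}" in
  --demo) root="$(build_fixture)"; report "$root" || rc=$?; rm -rf "$root"; exit "${rc:-0}" ;;
esac
```

`sh audit.sh --demo` prints one FLAG line for the 53.0.0 egg-info and exits 1; the 65.5.1 dist-info passes the floor and is silent. In a CI job, run `report /path/to/extracted/rootfs` after the image is built and before it is pushed.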