Security update: Update pyghmi to avoid pycrypto

The version of pyghmi being used depends on a vulnerable pycrypto
version.  Updating to the latest, which depends on cryptography.

This also updates the `freeze` tox job to recreate to ensure proper
updating of the lockfile.

Change-Id: I4a7d82dc8bfad1609a5d5b4e663cf74266b7f6f0

python/requirements-direct.txt

@@ -1,5 +1,5 @@
 PyYAML==3.12
-pyghmi==1.0.18
+pyghmi==1.2.14
 netaddr
 falcon
 oslo.versionedobjects==1.23.0

python/requirements-lock.txt

@@ -1,12 +1,15 @@
 alembic==0.8.2
 amqp==2.3.2
+asn1crypto==0.24.0
 Babel==2.6.0
 Beaker==1.9.1
 cachetools==2.1.0
-certifi==2018.8.13
+certifi==2018.8.24
+cffi==1.11.5
 chardet==3.0.4
 click==6.7
 contextlib2==0.5.5
+cryptography==2.3.1
 debtcollector==1.20.0
 defusedxml==0.5.0
 dnspython==1.15.0
@@ -14,7 +17,7 @@ eventlet==0.24.1
 falcon==1.4.1
 fasteners==0.14.1
 futurist==1.7.0
-greenlet==0.4.14
+greenlet==0.4.15
 idna==2.7
 iso8601==0.1.11
 Jinja2==2.9.6
@@ -39,8 +42,8 @@ oslo.messaging==8.1.0
 oslo.middleware==3.36.0
 oslo.policy==1.22.1
 oslo.serialization==2.27.0
-oslo.service==1.31.3
-oslo.utils==3.36.4
+oslo.service==1.32.0
+oslo.utils==3.37.0
 oslo.versionedobjects==1.23.0
 Paste==2.0.3
 PasteDeploy==1.5.2
@@ -51,8 +54,8 @@ prettytable==0.7.2
 psycopg2==2.7.3.1
 PTable==0.9.2
 pycadf==2.8.0
-pycrypto==2.6.1
-pyghmi==1.0.18
+pycparser==2.18
+pyghmi==1.2.14
 pymongo==3.6.1
 pyparsing==2.2.0
 python-dateutil==2.7.3
@@ -68,9 +71,9 @@ Routes==2.4.1
 setuptools==40.2.0
 six==1.11.0
 SQLAlchemy==1.2.8
-statsd==3.2.2
+statsd==3.3.0
 stevedore==1.29.0
-tenacity==5.0.1
+tenacity==5.0.2
 ulid2==0.1.1
 urllib3==1.23
 uWSGI==2.0.15

requirements-host.txt

@@ -5,6 +5,7 @@ pkg-config
 python3-dev
 gcc
 netbase
+libssl-dev
 python3-pip
 python3-setuptools
 ssh

tox.ini

@@ -15,6 +15,7 @@ commands = {posargs}
 
 [testenv:freeze]
 basepython=python3
+recreate = True
 whitelist_externals=
   rm
   sh