SRU: backport Python 3.8.11 to 20.04 LTS and 20.10

Bug #1934132 reported by Matthias Klose
This bug affects 2 people
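================== ========= ========== =========== =========
Affects            Status    Importance Assigned to Milestone
================== ========= ========== =========== =========
python3.8 (Ubuntu) Confirmed Undecided  Unassigned
Focal              Confirmed Undecided  Unassigned
Groovy             Confirmed Undecided  Unassigned
================== ========= ========== =========== =========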

Bug Description

As done with LP: #1928057, backport the 3.8.11 release to focal and groovy, consisting of security updates and a fix for a regression introduced in 3.8.10 (we already fixed sssd to pass its tests with 3.8.10).

Changes are:

Security
--------

- bpo-44022: :mod:`http.client` now avoids infinitely reading potential HTTP
  headers after a ``100 Continue`` status response from the server.

- bpo-43882: The presence of newline or tab characters in parts of a URL
  could allow some forms of attacks.

  Following the controlling specification for URLs defined by WHATWG
  :func:`urllib.parse` now removes ASCII newlines and tabs from URLs,
  preventing such attacks.

- bpo-42800: Audit hooks are now fired for frame.f_code, traceback.tb_frame,
  and generator code/frame attribute access.

Core and Builtins
-----------------

- bpo-44070: No longer eagerly makes import filenames absolute, except for
  extension modules, which was introduced in 3.8.10.

Library
-------

- bpo-44061: Fix regression in previous release when calling
  :func:`pkgutil.iter_modules` with a list of :class:`pathlib.Path` objects

Validation: Test suite passes during the build, and all triggered autopkg tests pass. I don't think we need another complete test rebuild with these changes.

Regression potential: Low, we already had the test rebuild with 3.8.10, and these changes are very targeted.

Building the packages in the ubuntu-toolchain-r/ppa PPA with only the security pocket enabled, so these builds can be binary-copied to the updates and security pockets.
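
A check for the bpo-43882 behaviour listed above, as an added example that is not part of the bug report or of CPython itself. The function names and the ``example.test`` URLs are constructed for illustration; it probes whether the running interpreter strips tabs and newlines, and shows a parser wrapper that rejects them outright so results do not depend on the patch level.

```python
from urllib.parse import urlsplit

# ASCII tab, CR and LF: the characters bpo-43882 makes urllib.parse remove.
UNSAFE_URL_CHARS = ("\t", "\r", "\n")


def contains_unsafe_chars(url):
    """Return True if the raw URL string holds a tab or newline character."""
    return any(ch in url for ch in UNSAFE_URL_CHARS)


def interpreter_strips_unsafe_chars():
    """Probe the running interpreter for the bpo-43882 behaviour.

    A patched urlsplit() drops the embedded tab and newline; an unpatched
    one keeps them in the parsed components.
    """
    parts = urlsplit("http://exa\tmple.test/pa\nth")  # constructed probe URL
    return parts.netloc == "example.test" and parts.path == "/path"


def split_url_strict(url):
    """Parse a URL, rejecting tabs and newlines instead of relying on the
    interpreter to strip them, so the result is the same on patched and
    unpatched versions."""
    if contains_unsafe_chars(url):
        raise ValueError("URL contains an ASCII tab or newline")
    return urlsplit(url)


if __name__ == "__main__":
    state = "present" if interpreter_strips_unsafe_chars() else "missing"
    print("bpo-43882 stripping in urllib.parse:", state)
    # Constructed sample inputs.
    for candidate in ("https://example.test/ok", "https://example.test/a\r\nb"):
        try:
            print(repr(candidate), "->", split_url_strict(candidate).path)
        except ValueError as exc:
            print(repr(candidate), "-> rejected:", exc)
```

Running the file with the interpreter under test (for example the ``python3.8`` binary from the updated package) reports whether the stripping is present.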

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in python3.8 (Ubuntu Focal):
status: New → Confirmed
Changed in python3.8 (Ubuntu Groovy):
status: New → Confirmed
Changed in python3.8 (Ubuntu):
status: New → Confirmed