There is a vulnerability in lxml:4.8.0,upgrade recommended

https://github.com/microsoft/qlib/blob/667fb0e4d99012dc24aa468230eabcd240fcde8a/scripts/data_collector/br_index/requirements.txt#L11

CVE-2022-2309

Recommended upgrade version：4.9.1
