ucommon (openssl): use newer openssl

[mkg20001]

ucommon is currently using a vulnerable version for the openssl variant
It's needed for the twinkle package

Building it with the latest openssl version causes a build error.
It would propably need to be patched.

[flokli]

@mkg20001 I'm missing version numbers and CVE numbers in the report. Can you elaborate?

Maybe related, but without more details, I can only guess:

#84083
#84084

Edit: It turns out, ucommon is referring to openssl_1_0_2, which has been marked as insecure.

Looking at https://www.gnu.org/software/commoncpp/, it seems like there hasn't been a new release since 2017, so probably openssl 1.1 support just isn't there.

Maybe you should ask on their mailing list, or we should just flip ucommon to use gnutls (and ditch ucommon_openssl alltogether)?