minor upstream release 1.0.2k fixing security issues
deprecate and disable verification of insecure hash algorithms
add support for /etc/pki/tls/legacy-settings also for minimum DH length
accepted by SSL client
compare the encrypt and tweak key in XTS as required by FIPS