Oracle Linux ELSA-2021-4424
Nov 16, 2021 - 12:00 a.m.

openssl security and bug fix update

2021-11-16 00:00:00
linux.oracle.com
CVSS3: 7.5 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVSS2: 5 Medium

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

[1:1.1.1k-4]

  • Fixes bugs in s390x AES code.
  • Uses the first detected address family if IPv6 is not available
  • Reverts the changes in https://github.com/openssl/openssl/pull/13305
    as it introduces a regression: if the server has a DSA key pair, the handshake fails
    when the protocol is not explicitly set to TLS 1.2. However, if the patch is reverted,
    it has an effect on the ‘ssl_reject_handshake’ feature in nginx. Although this feature
    will continue to work, the TLS 1.3 protocol becomes unavailable/disabled. This is already
    known - https://trac.nginx.org/nginx/ticket/2071#comment:1
    As per https://github.com/openssl/openssl/issues/16075#issuecomment-879939938, nginx
    could use the early callback instead of the servername callback.
  • Resolves: rhbz#1978214
  • Related: rhbz#1934534

[1:1.1.1k-3]

  • Cleans up the peer point formats on renegotiation
  • Resolves rhbz#1965362

[1:1.1.1k-2]

  • Fixes FIPS_selftest to work in FIPS mode. Resolves: rhbz#1940085
  • Using safe primes for FIPS DH self-test

[1.1.1k-1]

  • Update to version 1.1.1k

[1.1.1g-16]

  • Use AI_ADDRCONFIG only when explicit host name is given
  • Allow only curves defined in RFC 8446 in TLS 1.3
