msix-packaging should consider updating to at least OpenSSL 3.0, which has LTS support until 2026. OpenSSL has a migration guide for the 1.1 to 3.0 upgrade, although if msix-packaging isn't using esoteric features of OpenSSL it might be as simple as recompiling with the new dependency.
I'm trying to package msix-packaging for a downstream distro. This is currently failing because that distro has marked OpenSSL 1.1 as unsafe to build, because OpenSSL 1.1 is EOL and no longer receives security fixes.
msix-packaging should consider updating to at least OpenSSL 3.0, which has LTS support until 2026. OpenSSL has a migration guide for the 1.1 to 3.0 upgrade, although if msix-packaging isn't using esoteric features of OpenSSL it might be as simple as recompiling with the new dependency.