OpenSSL version in package manager is vulnerable

I coincidentally discovered the current version of OpenSSL in the package manager is vulnerable.

Notice on OpenSSL website

I don’t know if the package management team is well aware of it or not or how to check what’s on their task list.

If you check the branches, at least unstable has the new openssl package: Packages