[3.10] gh-118224: Load default OpenSSL provider for nonsecurity algorithms (GH-118236) by xnox · Pull Request #118240 · python/cpython

This is not fixing a security issue, so it should not be backported to 3.10. In general, please only open backport PRs after the main one is merged.

It is FedRAMP/FIPS compliance by-pass. This issue may allow using md5 without specifying "useforsecurity=False" on systems otherwise configured to be in FIPS-mode only. And is the primary reason why documentation mentions that certain distributions of python remove md5 module altogether.

Re about merge sequence, sure, will wait until main one is merged.