Comment 17 for bug 1951279

If anybody needs a workaround, disable the CHACHA20 cipher suites which use Poly1305:

$ openssl s_client -debug -showcerts -connect graph.facebook.com:443 -ciphersuites TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256 -cipher 'ALL:!CHACHA20'

Unfortunately, it appears this can't be done system wide from /etc/ssl/openssl.conf - it needs to be done in a tool specific way for each tool using openssl (such as curl: https://curl.se/docs/ssl-ciphers.html).