A mystery: use of deprecated crypto cipher aes-ecb by /u01/app/oracle/product/12.1.0.2.home1/bin/oracle

After applying Solaris patch 11.4 to our oracle database servers, we are now flooded with a stream of warnings in the console log about deprecated ciphers.

We have opened several SRs, which have come to naught so far.

On our own, we have discovered that the warning message is from new crypto libraries installed by the Solaris patch (/usr/lib/libucrypto.so.1). We have noticed that the crypto libraries are linked to many oracle binaries. So it stands to reason that something in the oracle binaries is calling the deprecated cipher (aes-ecb). But so far, we have not yet figured out where it exactly comes from.

I am sure there are many ways to reproduce the problem, but one sure way we have found is this:
sqlplus / as sysdba
select count(*) From dba_data_files;

After a little bit of trial and error, it seems like this select will also do it:
select count(*) from sys.x$ktfbhc;

We only see a corresponding warning in the console log the first time this query runs for each session.

We are trying to diagnose with dtrace, but so far have not hit upon any obvious clues (still trying).

We have tried this on OSEE 11.2.0.4, 12.1.0.2 and 12.2.0.1