The Crosswalk team has updated Crosswalk 7 with the CVE security fixes for Open SSL to bring Crosswalk 7 in compliance. This was accomplished by updating the base Chromium version used in Crosswalk, which fixes the known Open SSL vulnerabilities. Below are commit logs for Chromium and Crosswalk detailing the fixes.
For more information see https://software.intel.com/en-us/articles/crosswalk-7-open-ssl-update
I have opened a ticket with the Chromium Security team asking them to rev the Open SSL version. If they do, we will rebase Crosswalk 7.