BlackDuck security scan

[poklembaroland]

Our scan is coming back with 2 vulnerabilities.
zlib referenced is version 1.2.8 and has critical security vulnerabilities. Any chance this could be updated to the most recent version of zlib ?
Another issue coming back is related to OpenSLL but I do not see the component reference. This may be just coincidence in name matching by BlackDuck. Can somebody confirm that OpenSSL implementation inside this library has nothing to do with OpenSSL 1.0.2 ?