This is the email I just received from Google after contacting them today.
Thanks for contacting Google Play Developer Support about the security alert you have received with regard to using highly vulnerable version of OpenSSL.
We want you to have time to update now, but eventually, to help protect users we may need to block apps that have out of date dependent libraries or other vulnerabilities. We will provide a clear deadline before any action is taken. We recommend that you update OpenSSL as soon as possible to protect your users from the risk of compromise, and to make sure that your app is compliant with Google Play Policy on ‘dangerous products’.
volcank so is the update functional?
Intel XDK folks seem to be quiet on the matter. :/