CVEs found in reused component openssl by using VulSCA

[lcf262412]

CVEs and affected files:
CVE-2016-0799 in the file Thirdparty/openssl-0.9.8x/crypto/bio/b_print.c
CVE-2014-8275 in the file Thirdparty/openssl-0.9.8x/crypto/asn1/a_verify.c
CVE-2014-3508 in the file Thirdparty/openssl-0.9.8x/crypto/objects/obj_dat.c
CVE-2015-0287 in the file Thirdparty/openssl-0.9.8x/crypto/asn1/tasn_dec.c
CVE-2014-0076 in the file Thirdparty/openssl-0.9.8x/crypto/ec/ec2_mult.c
CVE-2018-0739 in the file Thirdparty/openssl-0.9.8x/crypto/asn1/tasn_dec.c
CVE-2016-2108 in the file Thirdparty/openssl-0.9.8x/crypto/asn1/tasn_dec.c
CVE-2016-2109 in the file Thirdparty/openssl-0.9.8x/crypto/asn1/a_d2i_fp.c
CVE-2015-0289 in the file Thirdparty/openssl-0.9.8x/crypto/pkcs7/pk7_doit.c
CVE-2014-3570 in the file Thirdparty/openssl-0.9.8x/crypto/bn/bn_asm.c
CVE-2015-3195 in the file Thirdparty/openssl-0.9.8x/crypto/asn1/tasn_dec.c
CVE-2016-0797 in the file Thirdparty/openssl-0.9.8x/crypto/bn/bn_print.c
CVE-2016-2182 in the file Thirdparty/openssl-0.9.8x/crypto/bn/bn_print.c
CVE-2015-1789 in the file Thirdparty/openssl-0.9.8x/crypto/x509/x509_vfy.c
CVE-2015-0209 in the file Thirdparty/openssl-0.9.8x/crypto/ec/ec_asn1.c
CVE-2016-0702 in the file Thirdparty/openssl-0.9.8x/crypto/bn/bn_exp.c
CVE-2015-0292 in the file Thirdparty/openssl-0.9.8x/crypto/evp/encode.c
CVE-2016-2842 in the file Thirdparty/openssl-0.9.8x/crypto/bio/b_print.c
CVE-2016-7056 in the file Thirdparty/openssl-0.9.8x/crypto/ec/ec_lib.c
CVE-2018-5407 in the file 3rdparty/openssl/crypto/bn/bn_lib.c

References:
NVD descriptions:
https://nvd.nist.gov/vuln/detail/CVE-2016-0799
https://nvd.nist.gov/vuln/detail/CVE-2014-8275
https://nvd.nist.gov/vuln/detail/CVE-2014-3508
https://nvd.nist.gov/vuln/detail/CVE-2015-0287
https://nvd.nist.gov/vuln/detail/CVE-2014-0076
https://nvd.nist.gov/vuln/detail/CVE-2018-0739
https://nvd.nist.gov/vuln/detail/CVE-2016-2108
https://nvd.nist.gov/vuln/detail/CVE-2016-2109
https://nvd.nist.gov/vuln/detail/CVE-2015-0289
https://nvd.nist.gov/vuln/detail/CVE-2014-3570
https://nvd.nist.gov/vuln/detail/CVE-2015-3195
https://nvd.nist.gov/vuln/detail/CVE-2016-0797
https://nvd.nist.gov/vuln/detail/CVE-2016-2182
https://nvd.nist.gov/vuln/detail/CVE-2015-1789
https://nvd.nist.gov/vuln/detail/CVE-2015-0209
https://nvd.nist.gov/vuln/detail/CVE-2016-0702
https://nvd.nist.gov/vuln/detail/CVE-2015-0292
https://nvd.nist.gov/vuln/detail/CVE-2016-2842
https://nvd.nist.gov/vuln/detail/CVE-2016-7056
https://nvd.nist.gov/vuln/detail/CVE-2018-5407

GitHub Security Advisories:
GHSA-x493-jjcm-ffg2 CVE-2016-0799
GHSA-85qv-mgh4-gm8w CVE-2014-8275
GHSA-5fxv-32q4-g2fh CVE-2014-3508
GHSA-7mxg-8jv7-cj7v CVE-2015-0287
GHSA-h7hf-9wc6-h849 CVE-2014-0076
GHSA-2qcx-c97v-hcr6 CVE-2018-0739
GHSA-cf8v-cq93-65gh CVE-2016-2108
GHSA-mq63-fmfx-8qc3 CVE-2016-2109
GHSA-cxc6-qvvg-mcqm CVE-2015-0289
GHSA-42m3-9326-hpxj CVE-2014-3570
GHSA-7q2f-v729-wjf3 CVE-2015-3195
GHSA-88pg-cj77-9fxr CVE-2016-0797
GHSA-qc4g-43pw-wqh8 CVE-2016-2182
GHSA-q289-c6qx-8gxc CVE-2015-1789
GHSA-gc3c-j46x-fm67 CVE-2015-0209
GHSA-q7xg-gmg7-59f4 CVE-2016-0702
GHSA-3467-h7vq-fjwx CVE-2015-0292
GHSA-jj34-65xr-hwrp CVE-2016-2842
GHSA-9f4v-cw9w-g4cw CVE-2016-7056
GHSA-3rjg-j575-7f6p CVE-2018-5407

Patch suggestions:
Affected files are form the older version of openssl,it is recommended to update the file to the latest version.

[layman6666]

---这是来自QQ邮箱的自动回复邮件。 ---This is from the QQ mailbox automated reply. 您好！您的来信我已经收到，我会尽快给您回复。Hello