Watch, Follow, &
Connect with Us

For forums, blogs and more please visit our
Developer Tools Community.


ID: 30683, Google Play rejects APPs with OpenSSL Vulnerability

by Perauto Informatica srl Email: Anonymous


OpenSSL, vulnerability, Android, google
Download Details
FTP  download also available 0 bytes
CDN Login Required to Download. (You will be redirected to the login page if you click on the Download Link)
To download this, you must have registered:
A free membership

For Delphi, Version 10.0  to 10.1 0 downloads
Copyright: All rights reserved


Size: 0 bytes
Updated on Mon, 06 Feb 2017 03:21:33 GMT
Originally uploaded on Mon, 06 Feb 2017 03:21:33 GMT
Description
Our app was rejected for violating google Malicous Behavior or User data policy.

This is the google play support email:

Hello Google Play Developer,

We rejected Chiamoilmio, with package name com.perauto.chiamoilmio, for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous version of your app is still available on Google Play.

This app uses software that contains security vulnerabilities for users or allows the collection of user data without proper disclosure.

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please upgrade your app(s) as soon as possible and increment the version number of the upgraded APK.

Vulnerability APK Version(s)
OpenSSL
The vulnerabilities were addressed in OpenSSL 1.0.2f/1.0.1r. To confirm your OpenSSL version, you can do a grep search for:

\$ unzip -p YourApp.apk | strings | grep "OpenSSL"

You can find more information and next steps in this Google Help Center article.

26
To confirm you’ve upgraded correctly, submit the updated version of your app to the Developer Console and check back after five hours to make sure the warning is gone.

While these vulnerabilities may not affect every app that uses this software, it’s best to stay up to date on all security patches. Make sure to update any libraries in your app that have known security issues, even if you're not sure the issues are relevant to your app.

Apps must also comply with the Developer Distribution Agreement and Developer Program Policies.

If you feel we have made this determination in error, please reach out to our developer support team.

Best,

The Google Play Team

   Latest Comments  View All Add New

Move mouse over comment to see the full text

Server Response from: ETNACDC03