Skip to main content
grosssmutttr
Known Participant
March 31, 2016
Question

OpenSSL - Google Play "The vulnerabilities were addressed in OpenSSL 1.02f/1.01r"

  • March 31, 2016
  • 14 replies
  • 7610 views

Just got a warning sign behind every app in the Google Play developer console.

So I remember this issue already appeared a year ago:

How to address OpenSSL vulnerabilities in your apps - Google Help

Currently I'm using AIR 20.

Is this issue also part of the current AIR 21?

Best

omi

This topic has been closed for replies.

14 replies

Roostergames
Participating Frequently
April 5, 2016

who tried with AIR SDK 21.0.0.176 ? If this version using 1.02f alerts must delete. Because Google wrote in official article. Must use OPEN ssl 1.02f / 1.01r or higher version.

who tried new app update with 21.0.0.176 and what is the result ?

grosssmutttr
Known Participant
April 5, 2016

Hi Roostergames,

I tried with version 21.0.0.176.

After uploading updates of all my apps I deleted the warnings and up to now they didn't appear again, so I think the issue is solved...

Lars Laborious
Legend
April 6, 2016

You didn't really need to delete the warnings. I updated two of my apps (version 21.0.0.176), waited one day for Google to catch up, and now the warnings are removed from those two apps.

Participating Frequently
April 1, 2016

Adobe Air SDK 21.0.0.128 is using openSSL version 1.0.2d

Adobe Air version 21.0.0.150 is using openSSL version 1.0.2f

We have to download Adobe Air here Download Adobe AIR 21 Beta - Adobe Labs  (The date is wrong (Date Feb 17, 2016)  this version is from March (read the pdf).

grosssmutttr
Known Participant
April 2, 2016

Just tested

21.0.0.176

and it seems as if it is not working...

Participating Frequently
April 2, 2016

21.0.0.150 is working for me, 3 apps updated yesterday and warnings disappear. Try with 21.0.0.150 is using openSSL version 1.0.2f.

Participating Frequently
April 1, 2016

I think AIR 21.0 resolves this, I updated one of my apps with AIR 21.0 yesterday and the app is the only one now that does not show the warning for me..

April 1, 2016

I'm still seeing this flagged as an issue in Google Play on our App with Air 19 ?

I'm not convened this has gone away...

Mark.fromOP
Inspiring
March 31, 2016

Same here, about 8 apps some published as recent as November with the latest AIR.

You guys remember this happened last year? Then later I got an email saying it was an error and everything went back to normal. I am almost certain this is an error, perhaps whatever tool they use to determined which apps are in violation does not work properly with AIR apps. Don't panic just yet.

Also an interesting side note my active apps got flagged but apps I have basically given up on that have not been touched for 3 years built with AIR 2.3-3.0 did not receive the warning so how does that make any sense?

Flipline
Inspiring
March 31, 2016

I think when that error happened last time, they were claiming the AIR app had an earlier version of OpenSSL than it actually had.  This time it looks like the version they're requiring is legitimately newer than what our AIR apps have --- my AIR 18 apps have 1.01m and they're looking for 1.01r or 1.02f (not sure if AIR 19 or 20 or 21 did bump it up to 1.01r since then).

Inspiring
March 31, 2016

I published my latest App with Adobe Air 21.0.0.128 - it received the same OpenSSL Warning as all my other Apps.

Yay

Infin8
Inspiring
March 31, 2016

Come on chris.campbell. Work your magic once more please

Infin8
Inspiring
April 1, 2016

I already thought the AIR team was talented but that was impressive. he he!

natural_criticB837
Legend
April 1, 2016

Phew

Participating Frequently
March 31, 2016

Same here

Inspiring
March 31, 2016

Ughhh ... 22 apps for me    .. Most of mine are AIR 20

Flipline
Inspiring
March 31, 2016

Same warning here, I believe all of our apps listed in the email were using AIR 18, and we haven't released any apps with a newer version since then.  Has this been in addressed in 20 or 21?

Inspiring
March 31, 2016

Same here, I hope that it will be fixed ASAP !