Adobe-Runtime-Support Your app uses a defective version of the OpenSSL library, which can cause your app to crash. Update to a fixed version of OpenSSL

Your app uses a defective version of the OpenSSL library, which can cause your app to crash. Update to a fixed version of OpenSSL wrong

i used AIR SDK : 33.1.1.929 Will this package be used or not? AIR_SDK_33.1.1.856 Thx

Oct 07 '22 20:10 Syko1995

@Syko1995 I got the same error now. with SDK 929 and 889. @ajwfrost how to fix this?

Oct 08 '22 12:10 apofis1969

@apofis1969 Unfortunately, so far I have not found any solution to this problem and the new update has been suspended for 21 days

Oct 08 '22 12:10 Syko1995

@Syko1995 hopefully @ajwfrost will send us a solution soon. We will not be the only once with this serious problem.

Oct 08 '22 14:10 apofis1969

Does the error prevent you from releasing the build? We received the same error, but only in the "Pre-Launch Report" and not within the build upload/release warnings. Google's "Learn More" link even mentions that it's not mandatory and won't affect being able to release a build (though recommended to fix.) Wonder if it's a fluke that ours somehow made it through, or if they've now made it mandatory in the last couple days...

Oct 08 '22 15:10 FliplineStudios

@FliplineStudios hi, as it is declared as an error and not as a warning, it is a risk to send an update to the production environment.

Oct 08 '22 17:10 apofis1969

@apofis1969 I agree it should be fixed ASAP, and looks like Harman will be fixing it soon in an update.

One thing to consider is that this is the same OpenSSL version that the AIR SDK has used since at least .476, so we've all been releasing with this same defective library in all of our published apps for the past 16 months, and it's only in the past few weeks that Google has decided to start warning developers about it. If you haven't had any stability issues over the past 16 months, you could decide if you want to release to production anyway in the meantime while waiting for Harman to fix the issue.

We ended up releasing to production, though somewhat inadvertently since Google didn't even flag our upload with this error, and only found it hidden away in the Pre-Launch Report after it had already gone live... haven't seen any issues though so far.

Oct 08 '22 18:10 FliplineStudios

ot be the only once wi

@apofis1969 I hope so, my friend. We wish them good luck

Oct 09 '22 06:10 Syko1995

@FliplineStudios hi, as it is declared as an error and not as a warning, it is a risk to send an update to the production environment.

I sent a review request, will there be a problem now with this big mistake

Oct 09 '22 06:10 Syko1995

Hi, is this issue solved? any solution found? Actually I also got the same error but unable to found which dependency is causing this issue. Also, can anyone please confirm that I can resubmit the app on google console with this issue being unresolve ? Thanks in advance!

Oct 27 '22 06:10 Nitish-Verma-1992

@Nitish-Verma-1992 This was solved in the most recent air versions (both 50, and 33)

Oct 27 '22 07:10 Ender22

But recent version makes a app to crash what to do now

Nov 03 '22 10:11 Gokulv617

The 50.0.1 has an instability caused by freetype, which we're working on; 33.1.1.935 should be a stable version though so if you're getting a crash on that, please raise it as a new bug.

thanks

Nov 03 '22 12:11 ajwfrost

It is raised in #2260

Nov 03 '22 12:11 Gokulv617

Any updates?

Nov 08 '22 16:11 mon73

On which..?! The OpenSSL update was in 33.1.1.935 (stable) and in 50.0.1.1 which has an instability around freetype/libpng which we've now fixed and are releasing shortly as 50.0.1.2.

thanks

Nov 08 '22 16:11 ajwfrost

We are using 33.1.1.935 and error became visible again after release. It is more detailed now:

OpenSSL 1.1.1d in lib/x86_64/libCore.so

Maybe x86 version forgotten?

Nov 25 '22 21:11 mumeka

Hmm... seems to be okay from what we can see? If you extract your APK file and check that library, are you able to get any hints? We've checked the source code and submissions into the repository, and also checked the library files as well: e.g.

/SDKs/33.1.1.935/runtimes/air/android/device/x86_64 $ cat libCore.so | grep "1.1.1"
grep: (standard input): binary file matches

/SDKs/33.1.1.935/runtimes/air/android/device/x86_64 $ cat libCore.so | grep "1.1.1q"
grep: (standard input): binary file matches

/SDKs/33.1.1.935/runtimes/air/android/device/x86_64 $ cat libCore.so | grep "1.1.1d"

/SDKs/33.1.1.929/runtimes/air/android/device/x86_64 $ $ cat libCore.so | grep "1.1.1d"
grep: (standard input): binary file matches

/SDKs/33.1.1.929/runtimes/air/android/device/x86_64 $ cat libCore.so | grep "1.1.1q"

So it looks like this is set up properly. Are you able to find out more, how are they actually detecting it?

Nov 28 '22 09:11 ajwfrost

Yes aab contains 1.1.1d with grep results. I have made another build with 33.1.1.935. This new one contains 1.1.1q. I'm not sure how old one had 1.1.1d. But it seems to be resolved now.

Nov 28 '22 12:11 mumeka

Great, thanks. Weird, maybe a caching issue somewhere/somehow...

Nov 28 '22 12:11 ajwfrost

solution

https://support.google.com/faqs/answer/12576638

Dec 29 '22 09:12 farmketprocess

add

implementation 'com.android.ndk.thirdparty:openssl:1.1.1l-beta-1'

inside the android/app/build.gradle dependencies

Jan 09 '23 15:01 farmketprocess

i have published a vpn app now in my console also showing this ssl warning . so should i paste this dependency in gradle? implementation 'com.android.ndk.thirdparty:openssl:1.1.1l-beta-1'

Sep 30 '23 17:09 malakarrinku

Adobe-Runtime-Support Adobe-Runtime-Support copied to clipboard

Your app uses a defective version of the OpenSSL library, which can cause your app to crash. Update to a fixed version of OpenSSL

Adobe-Runtime-Support
Adobe-Runtime-Support copied to clipboard