Hi, I just got this email from Google When are you guys to fix that? ===== Hello Google Play Developer, We detected that your app(s) listed at the end of this email are using an unsafe version of the libpng library. Apps with vulnerabilities like this can expose users to risk of compromise and may be considered in violation of our Malicious Behavior policy. What’s happening Beginning September 17, 2016, Google Play will block publishing of any new apps or updates that use vulnerable versions of libpng. Your published APK version will not be affected, however any updates to the app will be blocked unless you address this vulnerability. Action required: Migrate your app(s) to use libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher as soon as possible and increment the version number of the upgraded APK. Next steps Download the latest version of libpng from the libpng website. Sign in to your Developer Console and submit the updated version of your app. Check back after five hours - we’ll show a warning message if the app hasn’t been updated correctly. The vulnerability stems from an out of bounds memory access that could potentially lead to code execution. Versions 1.0.x before 1.0.66, 1.1.x and 1.2.x before 1.2.56, 1.3.x and 1.4.x before 1.4.19, and 1.5.x before 1.5.26 are affected. You can read more about the vulnerability in CVE-2015-8540. For other technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.” While these specific issues may not affect every app that uses libpng, it’s best to stay up to date on all security patches. We’re here to help If you feel we have sent this warning in error, you can contact our developer support team. Regards, The Google Play Team ===== Regards
cool, thanks for the reply. Yeah, the security check start on September 17, so, it's not like a big deal, it's just, when I searched on the forum for libpng, I didn't find anything, I probably did something wrong. Have a great night guys.
Ha! Sorry if I came up being a little rude. But I can't understand why people are not doing a quick search to see if it already was answered or not. It is rather annoying and makes the forum experience a little tired when the same questions come up all the time. At least for me anyway. Probably a better answer would have been: Let Me Google That For You And you know if the thread you are looking for appears even in Google as the first search result, then you definitely could have done better...
yeah, you are right. good one about "let me google that for you", the cursor moves by his own, dude, did you just hack my pc??? I'm watching you haha, just kidding. Have a good one
