Skip to content

openssl update to 1.0.1h #149

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
PRosenb opened this issue Jan 5, 2015 · 9 comments
Closed

openssl update to 1.0.1h #149

PRosenb opened this issue Jan 5, 2015 · 9 comments

Comments

@PRosenb
Copy link

PRosenb commented Jan 5, 2015

When publishing an app using sqlcipher on Google Play, it complains, that the app contains an insecure openssl version what is located in the file libsqlcipher_android.so from sqlcipher.
Please update it to 1.0.1h to remove this security alert.
@developernotes
Copy link
Member

Hi @PeterRosenberg,

Thanks for the report, we will look into this.

@PRosenb
Copy link
Author

PRosenb commented Feb 25, 2015

Thanks @developernotes for that. Any news?

@developernotes
Copy link
Member

Hi @PeterRosenberg

Not at this time, however we will update OpenSSL with our next release.

@PRosenb
Copy link
Author

PRosenb commented Feb 26, 2015

Perfect, thank you.

@modan75
Copy link

modan75 commented Mar 3, 2015

Hi
Google send us two alert messages about old version OpenSSL (version 1.0.1g), saying that application will be removed if we don't upgrade OpenSSL version.
I have compiled the source, with the new OpenSSL (versions 1.0.1h, 1.0.1i, 1.0.1j) changing in external/android-libs libcrypto.a with the new version. The compilation was successful, it works fine on android 4.x, but on android 2.3 the application stops without any error message at line with SQLiteDatabase.loadLibs(context). Do you have any idea why this could happen?
Thanks

@developernotes
Copy link
Member

Hi @modan75

It is difficult to say why your application crashed. Did you use the script provided within the repo to rebuild OpenSSL? Could you try using your build with the SQLCipher for Android test suite and let us know your results?

@modan75
Copy link

modan75 commented Mar 4, 2015

Hi @developernotes

Thank you very much, the problem was that I wasn't using the script provided within the repo to compile OpenSSL. Now it works with latest OpenSSL version 1.0.2

@JagadeshSeeram
Copy link

Hi @developernotes,@modan75
we were also facing the same old version OpenSSL (version 1.0.1g) saying that application will be removed if we don't upgrade OpenSSL versiona as google stated.I didnt find current android-database-sqlcipher is update with OpenSSL version 1.0.2.So please send me the latest .so file if you have or can you guide me in this process

@developernotes
Copy link
Member

Hi @JgdshSeerm

The latest release of SQLCipher for Android uses OpenSSL 1.0.2g, you can find out more information about the release here.

@aeroxr1 aeroxr1 mentioned this issue Apr 22, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@developernotes @JagadeshSeeram @PRosenb @modan75