2461569 - OpenSSL Issue in uploading Branded Android Client to Google Play Store - Agentry

Symptom

When submitting branded Android client to Google Play Store, the application is rejected by Google with a message similar to:

Hello Google Play Developer,

We rejected <app name>, with package name <package.name>, for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous version of your app is still available on Google Play.

This app uses software that contains security vulnerabilities for users or allows the collection of user data without proper disclosure.

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please upgrade your app(s) as soon as possible and increment the version number of the upgraded APK.

Vulnerability

APK Version(s)

OpenSSL

The vulnerabilities were addressed in OpenSSL 1.0.2f/1.0.1r. To confirm your OpenSSL version, you can do a grep search for:

\$ unzip -p YourApp.apk | strings | grep "OpenSSL"

You can find more information and next steps in this Google Help Center article.

Environment

SAP Mobile Platform SDK SP11
Android Agentry application

Product

SAP CRM Service Manager 4.2.0 ; SAP CRM Service Manager 4.3.0 ; SAP Inventory Manager 4.2 ; SAP Inventory Manager 4.3 ; SAP Rounds Manager 3.0.0 ; SAP Work Manager 6.3.0 ; SAP Work Manager 6.4

Keywords

openssl, android, branded, client , KBA , MOB-SYC-SAP , Syclo Mobility for SAP backend , MOB-SDK-AGC , SAP Mobile SDK Agentry Clients , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.