Your application is using a defective version of the OpenSSL library that may cause the application to crash.

Question

Your application is using a defective version of the OpenSSL library that may cause the application to crash.

luesky25 opened this issue 2 years ago · 2 comments

Dear technical team,

I have used sqlcipher to encrypt the database, but when I uploaded it to Google Market, it showed the following:
Defective version of OpenSSL
Your application is using a defective version of the OpenSSL library that may cause the application to crash. Please update to a fixed
OpenSSL version.
Defective version:
OpenSSL 1.1d in lib/armeabi-v7a/libsqlcipher.so

I have checked the information and found that openssl needs to be updated to the version above 1.1.1.g to avoid this problem. Please help us check as soon as possible. Thank you.

Expected Behavior

Actual Behavior

Steps to Reproduce

SQLCipher version (can be identified by executing PRAGMA cipher_version;):

SQLCipher for Android version:
4.5.3
Are you able to reproduce this issue within the SQLCipher for Android test suite?

Note: If you are not posting a specific issue for the SQLCipher library, please post your question to the SQLCipher discuss site. Thanks!

Answer 1 · 2023-04-19T13:02:02.000Z

Hi @luesky25,

You should update your version of SQLCipher for Android. SQLCipher for Android 4.5.3 (the latest version currently) uses OpenSSL 1.1.1s for non-FIPS packages.

Answer 2 · 2023-04-22T02:08:42.000Z

ok，thanks