Yes, i'm following this post and someone wrote "we really need to be upgrade to open SSL 1.0.1h if we read the google play email and refer to the openssl link they gave us."
According to OpenSSL release note, version 1.0.1g contains bug... -----Messaggio originale----- Da: Frédéric THOMAS [mailto:webdoubl...@hotmail.com] Inviato: venerdì 13 giugno 2014 14:41 A: users@flex.apache.org Oggetto: RE: R: R: Alert from Google app store - vulnerable OpenSSL version Yes, it seems to be correct, Adobe is updating its release note about it, see this post [1] comments. Frédéric THOMAS [1] https://forums.adobe.com/message/6455251#6455251 > Subject: R: R: Alert from Google app store - vulnerable OpenSSL > version > Date: Fri, 13 Jun 2014 11:11:19 +0200 > From: f.demaddal...@patente.it > To: users@flex.apache.org > > I've just compiled an apk with the latest version of AIR and in > xxx.apk/lib/armeabi-v7a/libCore.so I found the string "OpenSSL 1.0.1g". > In the older version of the same apk I found "OpenSSL 1.0.1e". > Is 1.0.1g the correct version of OpenSSL? I've updated AIR SDK two hours > ago... > Sorry for my bad english > > Federico > > -----Messaggio originale----- > Da: Tom Chiverton [mailto:t...@extravision.com] > Inviato: venerdì 13 giugno 2014 10:52 > A: users@flex.apache.org > Oggetto: Re: R: Alert from Google app store - vulnerable OpenSSL > version > > On 13/06/14 09:20, Federico De Maddalena wrote: > > I received the same email...probably we have to recompile with the > > latest version of air sdk 14 (14.0.0.110) > And as newer AIRs don't support Linux, that's the end of distributing AIR > apps directly from Linux :-/ Something else I need VirtualBox for I suppose ! > > Tom
