Metaio AR apps flagged in Google Play with OpenSSL issue

Question

I notice Google Play has flagged my AR apps developed in metaio with this message:

Security alert

Your app is using a version of OpenSSL containing a security vulnerability. Please see this Google Help Centre article for details, including the deadline for fixing the vulnerability.

Security alert

Your application has an unsafe implementation of the WebViewClient.onReceivedSslError handler. Please see the alerts page for more information."

I'm hoping it's an easy fix, such as replacing DLL files. Seems I have till July 11th to sort it.

Anyone had this problem and resolved?

Thanks

PS. I use metaio creator, output to arel, copy that output into an app folder template I created which I run through Android Studio/Xcode to generate the final build.

So far I've only been able to identify Metaio using OpenSSL version 1.0.1h which is considered vulnerable. — Mshah, Jun 15 '16 at 10:38
Has anybody fixed this issue? Is there any place where we can get the metaiosdk and recompile it with the latest openssl? — Mimmo Grottoli, Jul 25 '16 at 14:50
@MinaSamy Unfortunately not. I switched over to Unity development. — Mshah, Dec 08 '16 at 14:08

score 1 · Answer 1 · answered Jun 20 '16 at 09:24

1

In case you are looking for alternatives, Wikitude came up with a fix a few days ago: http://www.wikitude.com/blog-sdk-update-openssl-upgrade/

Cheers!

Wikitude team

answered Jun 20 '16 at 09:24

Wikitude

280
1
7

Metaio AR apps flagged in Google Play with OpenSSL issue

1 Answers1