1

We rejected project, for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous version of your app is still available on Google Play.

This app uses software that contains security vulnerabilities for users or allows the collection of user data without proper disclosure.

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please upgrade your app(s) as soon as possible and increment the version number of the upgraded APK.

The vulnerabilities were fixed in libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher.

But I am not adding any libpng library in my project.How to resolve this issue??

Thanks in advance...

Ganesh
  • 923
  • 1
  • 7
  • 12

1 Answers1

0

If you haven't added it directly, it is likely that one of your dependencies did. In software engineering these are often called "transitive dependencies". Now, it can be a little hard to see what libraries your dependencies are using. But there are a few things you can do:

  • if you get your dependencies from source, look at their gradle/makefile/maven files to see the dependencies. Repeat going down looking at their dependencies and so on
  • LibPNG is almost certainly to do with processing PNG files. So it is much more likely that a dependency called something like ImageSupport has this as a dependency
  • If your project uses Maven you can trace the transitive dependency tree as answered here on stackoverflow
  • If your project uses gradle you can see dependencies with the gradle dependencies command as answered here on stackoverflow
  • If all else fails you can always unzip the jars/APKs of the dependencies and look for a file called something like "libpng.so"
Nick Fortescue
  • 13,530
  • 1
  • 31
  • 37
  • I have tried above mentioned points plus all possiblities on google ,also added external library of letest libpng but still facing the same problem.Is there any another solution – Ganesh May 10 '18 at 06:19