Google 商店：您的应用静态链接到的 OpenSSL 版本有多个安全漏洞。建议您尽快更新 OpenSSL

安全提醒

 

您的应用静态链接到的 OpenSSL 版本有多个安全漏洞。建议您尽快更新 OpenSSL。

 

在开头为 1.0.1h、1.0.0m和 0.9.8za的 OpenSSL 版本中这些漏洞已得到修复。要确认您的 OpenSSL版本，您可以执行grep命令 ("$ unzip -p YourApp.apk | strings | grep "OpenSSL"")。如需了解有关漏洞的详情，请参阅http://www.openssl.org/news/secadv_20140605.txt。

 

要确认您是否已正确升级，请将更新后的版本上传至开发者控制台，并在 5 小时后再回来查看。

 

请注意，尽管目前尚不清楚这些问题是否会影响您的应用，但是，如果应用包含会让用户遭受入侵风险的安全漏洞，那么，我们可能会将其视为“危险产品”，并将其从 Google Play上移除。

 

 

 

 

 

 

 

 

刚刚开始真是无从下手。对底层编辑不是很了解熟悉的菜鸟智能百度了。一直专注于游戏引擎实现功能逻辑的同时我们忘记了一些东西。

 

如果由此现象希望多多补充些知识。

Openssl 安全漏洞升级库 Cocos2dx Curl 1.0.1h版本

下载资源后 替换工程文件对应下面的 cocos2dx/platform/third_party/android/prebuilt/libcurl/libs 所以.a文件。 

然后进行编辑即可。

 

使用命令查看

 

$ unzip -p YourApp.apk | strings | grep "OpenSSL""

 

 

首先更新前

Last login: Fri May  8 10:52:59 on ttys000
localhost:~ lwuit$ cd /Users/lwuit/projects/client/cocos2d-x-2.2.2/projects/libsdk/
localhost:libsdk lwuit$ unzip -p com.aossssro.tww.173.apk |strings|grep "OpenSSL"
OpenSSLDie
DH_OpenSSL
DSA_OpenSSL
ECDH_OpenSSL
ECDSA_OpenSSL
OpenSSL_add_all_ciphers
OpenSSL_add_all_digests
UI_OpenSSL
OpenSSL/%lx.%lx.%lx%s
could not parse PKCS12 file, check password, OpenSSL error %s
%s(%d): OpenSSL internal error, assertion failed: %s
OpenSSL 1.0.0a 1 Jun 2010
OpenSSL default
OpenSSL PKCS#3 DH method
OpenSSL DH Method
OpenSSL DSA method
OpenSSL 'dlfcn' shared library method
OpenSSL EC algorithm
OpenSSL ECDH method
OpenSSL ECDSA method
OpenSSL HMAC method
You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html
OpenSSL RSA method
OpenSSL default user interface
AES part of OpenSSL 1.0.0a 1 Jun 2010
ASN.1 part of OpenSSL 1.0.0a 1 Jun 2010
Blowfish part of OpenSSL 1.0.0a 1 Jun 2010
Big Number part of OpenSSL 1.0.0a 1 Jun 2010
CONF_def part of OpenSSL 1.0.0a 1 Jun 2010
CONF part of OpenSSL 1.0.0a 1 Jun 2010
libdes part of OpenSSL 1.0.0a 1 Jun 2010
DES part of OpenSSL 1.0.0a 1 Jun 2010
Diffie-Hellman part of OpenSSL 1.0.0a 1 Jun 2010
DSA part of OpenSSL 1.0.0a 1 Jun 2010
^ECDH part of OpenSSL 1.0.0a 1 Jun 2010
ECDSA part of OpenSSL 1.0.0a 1 Jun 2010
EVP part of OpenSSL 1.0.0a 1 Jun 2010
lhash part of OpenSSL 1.0.0a 1 Jun 2010
MD4 part of OpenSSL 1.0.0a 1 Jun 2010
MD5 part of OpenSSL 1.0.0a 1 Jun 2010
PEM part of OpenSSL 1.0.0a 1 Jun 2010
RAND part of OpenSSL 1.0.0a 1 Jun 2010
RC2 part of OpenSSL 1.0.0a 1 Jun 2010
RC4 part of OpenSSL 1.0.0a 1 Jun 2010
RIPE-MD160 part of OpenSSL 1.0.0a 1 Jun 2010
RSA part of OpenSSL 1.0.0a 1 Jun 2010
SHA1 part of OpenSSL 1.0.0a 1 Jun 2010
SHA-256 part of OpenSSL 1.0.0a 1 Jun 2010
SHA-512 part of OpenSSL 1.0.0a 1 Jun 2010
Stack part of OpenSSL 1.0.0a 1 Jun 2010
TXT_DB part of OpenSSL 1.0.0a 1 Jun 2010
X.509 part of OpenSSL 1.0.0a 1 Jun 2010
SSLv2 part of OpenSSL 1.0.0a 1 Jun 2010
SSLv3 part of OpenSSL 1.0.0a 1 Jun 2010
TLSv1 part of OpenSSL 1.0.0a 1 Jun 2010
localhost:libsdk lwuit$ 

更新后

OpenSSLDie
DH_OpenSSL
DSA_OpenSSL
ECDH_OpenSSL
ECDSA_OpenSSL
OpenSSL_add_all_ciphers
OpenSSL_add_all_digests
UI_OpenSSL
could not parse PKCS12 file, check password, OpenSSL error %s
OpenSSL/%lx.%lx.%lx%s
OpenSSL CMAC method
OpenSSL default
%s(%d): OpenSSL internal error, assertion failed: %s
OpenSSL 1.0.1h 5 Jun 2014
OpenSSL PKCS#3 DH method
OpenSSL DH Method
OpenSSL DSA method
OpenSSL 'dlfcn' shared library method
OpenSSL EC algorithm
OpenSSL ECDH method
OpenSSL ECDSA method
OpenSSL HMAC method
You need to read the OpenSSL FAQ, http://www.openssl.org/support/faq.html
OpenSSL RSA method
OpenSSL default user interface
AES part of OpenSSL 1.0.1h 5 Jun 2014
ASN.1 part of OpenSSL 1.0.1h 5 Jun 2014
Blowfish part of OpenSSL 1.0.1h 5 Jun 2014
Big Number part of OpenSSL 1.0.1h 5 Jun 2014
CONF_def part of OpenSSL 1.0.1h 5 Jun 2014
CONF part of OpenSSL 1.0.1h 5 Jun 2014
DES part of OpenSSL 1.0.1h 5 Jun 2014
libdes part of OpenSSL 1.0.1h 5 Jun 2014
Diffie-Hellman part of OpenSSL 1.0.1h 5 Jun 2014
DSA part of OpenSSL 1.0.1h 5 Jun 2014
^ECDH part of OpenSSL 1.0.1h 5 Jun 2014
ECDSA part of OpenSSL 1.0.1h 5 Jun 2014
EVP part of OpenSSL 1.0.1h 5 Jun 2014
lhash part of OpenSSL 1.0.1h 5 Jun 2014
MD4 part of OpenSSL 1.0.1h 5 Jun 2014
MD5 part of OpenSSL 1.0.1h 5 Jun 2014
PEM part of OpenSSL 1.0.1h 5 Jun 2014
RAND part of OpenSSL 1.0.1h 5 Jun 2014
RC2 part of OpenSSL 1.0.1h 5 Jun 2014
RC4 part of OpenSSL 1.0.1h 5 Jun 2014
RIPE-MD160 part of OpenSSL 1.0.1h 5 Jun 2014
RSA part of OpenSSL 1.0.1h 5 Jun 2014
SHA1 part of OpenSSL 1.0.1h 5 Jun 2014
SHA-256 part of OpenSSL 1.0.1h 5 Jun 2014
SHA-512 part of OpenSSL 1.0.1h 5 Jun 2014
Stack part of OpenSSL 1.0.1h 5 Jun 2014
TXT_DB part of OpenSSL 1.0.1h 5 Jun 2014
X.509 part of OpenSSL 1.0.1h 5 Jun 2014
DTLSv1 part of OpenSSL 1.0.1h 5 Jun 2014
SSLv2 part of OpenSSL 1.0.1h 5 Jun 2014
(((((sSSLv3 part of OpenSSL 1.0.1h 5 Jun 2014
TLSv1 part of OpenSSL 1.0.1h 5 Jun 2014
localhost:libsdk lwuit$ 

 

---

如果您觉得阅读本文对您有帮助，请点一下“推荐”按钮，您的“推荐”将是我最大的写作动力！欢迎各位转载，但是未经作者本人同意，转载文章之后必须在文章页面明显位置给出作者和原文连接，否则保留追究法律责任的权利。