You need to inspect all the packages you use in your app, and make certain you are not using an insecure version of OpenSSL. You can't try to excuse yourself from this because you don't think you are handling sensitive information. That's not what they are asking for. Somehow, Google thinks they found OpenSSL in your app, and they were able to determine that it's a bad version. I'd push back on that if anything. See if they will show you a log of their scan, or if they will describe how they arrived at this conclusion. Then fix the problem. I'd look at this as an adventure. Maybe you'll learn an app scanning technique that can be used to detect other features.
> > -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/android-developers?hl=en --- You received this message because you are subscribed to the Google Groups "Android Developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
