Notification / Warning ? from Google Play after release app with no changes up to API-level 28

StephyAPStephyAP
in General Discussion
I have updated a wallpaper APP only to conform to the minimum requirements of API - Level 28 - Android 9. No other changes were made.

Soon after releasing the new version I received an email from Google Play.

Request for bugfix and info.

"Hello Google Play Developer,

We reviewed your app with package name com.andromo.dev129559.app192205, and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose user information or damage a user’s device, and may be considered to be in violation of our Malicious Behavior policy.

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please migrate your apps to use the updated software as soon as possible and increment the version number of the upgraded APK.
Vulnerability     APK Version(s)     Deadline to fix
SSL Error Handler

For more information on how to address WebView SSL Error Handler alerts, please see this Google Help Center article.
    45    January 20, 2020
Vulnerability     APK Version(s)     Deadline to fix

To confirm you’ve upgraded correctly, submit the updated version of your app to the Play Console and check back after five hours. We’ll show a warning message if the app hasn’t been updated correctly.

While these vulnerabilities may not affect every app, it’s best to stay up to date on all security patches.

If you have technical questions about the vulnerability, you can post to Stack Overflow and use the tag “android-security.” For clarification on steps you need to take to resolve this issue, you can contact our developer support team.

Best,

The Google Play Team"

«1

Comments

  • dodgeyyydodgeyyy
    yes me too, i got this email 
  • mww_appsmww_apps
    edited October 2019
    My co-worker had the same problem yesterday .  It was resolved very easy. 

    Just go in your project where were issue , change version of app (ex. : correct 1.0 , new update 1.1 ) , go now to build app , upload on google dev account . 

    I would also suggest you to  go in ADMOB account ( if you use one ) and make sure you unchecked 'sensitive category' ads , if you didn't by now . 
    tephyap 

    dodgeyyy

  • InsplisityInsplisity
    edited October 2019
    Same here. Do you guys have anything linked to a URL that starts with http:// instead of https://?

    I have some of my graphics hosted on my hosting account which wasn't upgraded to https:// yet. So the graphics are pulled basically from an "unsafe" connection.

    Could this be the issue?

    @mww_apps
    I'm not sure how this would help. 
  • StephyAPStephyAP
    that's nothing we can do.

    Build was done before it was released. Ad mob etc I don't use. Only pictures, no links
  • InsplisityInsplisity
    @stephyap
    Good to know, thanks. I sent a support message to @andromoappmaker - let's hope they respond quickly. The deadline to fix this issue is until January 2020. After that, we could get penalized.

  • InsplisityInsplisity
    I'm mainly updating my apps for the SDK 28 update, but at the moment, I can't really proceed, because I'm getting the "WebView SSL Error Handler" errors. The SDK update "must" be done by the Nov. 1. I hope you guys will be able to fix this. Thanks.
  • StephyAPStephyAP
    i also wrote a mail to the support.

    You can already put the SDK update online.
    From 5 APPs I got only one mail from Google with this content.

    we are patient until the deadline ends in January ;-)



  • InsplisityInsplisity
    My hit rate was worse. :-/ Out of 5 apps, 4 got the SSL error message. And I have 40 more to go.
  • StephyAPStephyAP
    urghh... Andromo is working on this issue and will notifiy about it
  • RikkiBlakkRikkiBlakk
    I created another app with same result, a notification by Google Play, I think that I should stop until this issue is solved, do not want to upset Google Play Team. Hopefully this get fix soon. Thxs.
  • ragiragi
    I also get the same warning. Just wanted to post on forum but everyone already posted the same warning. Hope Andromo team give the resolution to us soon.
  • andromoappmakerandromoappmaker
    We are working now on this issue, and release a fix with the nearest update, don't worry about it. We will notify you about it.
    Thanks for understanding, your Andromo team.
  • InsplisityInsplisity
    Thanks for the update and for the willingness to solve this issue promptly.
  • dodgeyyydodgeyyy
    @andromoappmaker so this problem has been solve ? or still working on this issue?
  • dodgeyyydodgeyyy
    @mww_apps are you sure this work for us too? or you just lucky :(
  • fabiooofabiooo
    The problem exists only in "Custom Page Activity"
    Applications without "Custom Page Activity" They work well
  • ragiragi
    @biya11 are you sure about that?
  • dodgeyyydodgeyyy
    @biya11 im not sure about this, i have music app with custom page but no problem.
  • fabiooofabiooo
    I deleted "Custom Page Activity" Now it works without a problem
  • ragiragi
    @biya11 Thank you. But I also wanna ask you, where should we put the license agreement and privacy policy if we don't use custom page activity?
  • fabiooofabiooo
    @dodgeyyy
    the problem when you update
  • fabiooofabiooo
    @burukutuk
    I do not use the in-app privacy policy
  • ahmadsofianahmadsofian
    I have two apps when published received a warning from google on SSL Error Handler. Google gave me three months to resolve the issue.  Submitted ticket to Andormo, hopefully it will be solve otherwise the two apps will be removed from google plays store. Funny thing is google allow the apps to b published with the ads activated as usual. I will try to build another app without the custom page...if it is true that the problem is with that activity. Thank you.
  • RikkiBlakkRikkiBlakk
    edited October 2019
    Lot of my apps are built with custom pages in it, so hopefully this can be solved soon. Besides I had to stop building more apps because of this issue, not even updating current apps.
  • InsplisityInsplisity
    Same here, @rikkiblakk

  • Mack2020Mack2020
    I just got the same message

  • ..........................
    Me too, I received the same message from google
  • ahmadsofianahmadsofian
    I tested an app not using the custom page...google published the app but send me the warning. I don't think the issue is confine to custom page alone...I think the problem is the whole platform. So, please Andromo please resolve this issue as soon as possible...otherwise we are not being productive.
  • andromoappmakerandromoappmaker
    We fixed the SSL Error Handler. Please, update your apps, if you received a warning letter from Google about this problem.
  • ragiragi
    @andromoappmaker Just update the apps? No need to remove the activities? Can we use custom page now?
Sign In or Register to comment.