Hi every one, before i have an android game that develop on Cocos2dx v 2.2 that published on Google Play. And I’ve received the OpenSSL Security Alert Mail from Google Play for android apps. So I updated the game to use the cocos2dx v2.4 and publish to the Google Play again.
Recent I again got an email from Google with title “Google Play 60-day deadline for resolving OpenSSL vulnerabilities”
They said:
We wanted to let you know that your app(s) listed below statically link
against a version of OpenSSL that has multiple security vulnerabilities
for users. Please migrate your app(s) to an updated version of OpenSSL
within 60 days of this notification. Beginning 7/7/15, Google Play will block publishing of any new apps and updates that use older, unsupported versions of OpenSSL (see below for details)…
I wonder what version of cocos2dx solved the OpenSSL vulnerabilities, how about the cocos2dx v3.2 and v3.3 rc0. I’ve migrated that game to version cocos2dx v3.3 rc0 to can publish to the Windows Phone store without error and I’ve publish that game to Windows Phone Store. My doubt if the cocos2dx v3.3 rc0 solved the OpenSSL issue. If v3.3 rc0 ok i can build for the android version without update the code to new version.
I have another question. Can I use cocos2dx v 3.6 to build the game that written on V3.3rc0?
When I migrated from v2.4 to v3.3 there are a lot of change, so it take more time. How about from v3.3 to v3.6?