This repository has been archived by the owner on Jun 13, 2024. It is now read-only.
X509TrustManager vulnerability - deadline given, app removal warning #17
Assignees
Labels
Comments
|
Why wouldn't we implement okhttp client? It's more easier and less code.
su 12. heinäk. 2020 klo 11.22 Martin Kankaanranta <notifications@github.com>
kirjoitti:
… Security alert
Your app is using an unsafe implementation of the X509TrustManager
interface with an Apache HTTP client, resulting in a security
vulnerability. Please see this Google Help Centre article for details,
including the deadline for fixing the vulnerability.
Vulnerable classes:
com.nitramite.courier.ArraPakettiStrategy$1
com.nitramite.courier.CainiaoStrategy$1
com.nitramite.courier.DHLActiveTrackingStrategy$1
com.nitramite.courier.DHLAmazonStrategy$1
com.nitramite.courier.DHLExpressStrategy$1
com.nitramite.courier.FedExStrategy$1
com.nitramite.courier.GlsStrategy$1
com.nitramite.courier.MatkahuoltoStrategy$1
com.nitramite.courier.PostNordStrategy$1
com.nitramite.courier.PostiStrategy$1
com.nitramite.courier.UPSStrategy$1
Please fix the issue before: 10/08/2020
Affects APK version 119.
"After the deadlines shown in your Play Console, any apps that contain
unfixed security vulnerabilities may be removed from Google Play."
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#17>, or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AJU4T5XHWV7PKP2DYT6LCOLR3FXFHANCNFSM4OXWGTUQ>
.
|
|
Yep, good approach. |
|
Under development on https://github.com/norkator/Paketin-Seuranta/tree/Feature/okhttp-implementation |
|
Got DHL Active tracking working at same time, url and headers needed changes |
|
All other DHL services URL's have changed so can fix others too. |
|
@developerfromjokela there is now pull request waiting review #18 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Security alert
Your app is using an unsafe implementation of the X509TrustManager interface with an Apache HTTP client, resulting in a security vulnerability. Please see this Google Help Centre article for details, including the deadline for fixing the vulnerability.
Vulnerable classes:
com.nitramite.courier.ArraPakettiStrategy$1
com.nitramite.courier.CainiaoStrategy$1
com.nitramite.courier.DHLActiveTrackingStrategy$1
com.nitramite.courier.DHLAmazonStrategy$1
com.nitramite.courier.DHLExpressStrategy$1
com.nitramite.courier.FedExStrategy$1
com.nitramite.courier.GlsStrategy$1
com.nitramite.courier.MatkahuoltoStrategy$1
com.nitramite.courier.PostNordStrategy$1
com.nitramite.courier.PostiStrategy$1
com.nitramite.courier.UPSStrategy$1
Please fix the issue before: 10/08/2020
Affects APK version 119.
"After the deadlines shown in your Play Console, any apps that contain unfixed security vulnerabilities may be removed from Google Play."
The text was updated successfully, but these errors were encountered: