flex-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Dove <greg.d...@gmail.com>
Subject Re: OpenSSL & Flex
Date Fri, 08 May 2015 05:28:11 GMT
Google:

Recently we sent you a notification that one or more of your apps should be
upgraded to more recent version of OpenSSL, due to security
vulnerabilities. The notification was sent in error, and we thank you for
previously making the necessary changes to your app.


Greg Dove
Dove Software Development Ltd
http://greg-dove.com

On Fri, May 8, 2015 at 2:33 PM, Jeffry Houser <jeffry@dot-com-it.com> wrote:

>
>  I got the same message and the last time my app was compiled predated
> Flex being donated to Apache.
>
>
>
>
>
>
> On 5/7/2015 9:49 PM, Greg Dove wrote:
>
>> actually I'm using air 17 and getting this for the first time...just fyi
>>
>> Greg Dove
>> Dove Software Development Ltd
>> http://greg-dove.com
>>
>> On Fri, May 8, 2015 at 1:46 PM, OmPrakash Muppirala <bigosmallm@gmail.com
>> >
>> wrote:
>>
>>  Oh yes, it must be regarding this Adobe AIR related issue:
>>>
>>> https://forums.adobe.com/thread/1495664
>>>
>>> Matthew, you mentioned Flex 4.12.  You might have got the then current
>>> version of AIR which probably had this issue.   I think upgrading to Flex
>>> 4.14.1  + AIR 17 (latest supported by Apache Flex) should fix the issue.
>>>
>>> Thanks,
>>> Om
>>>
>>> On Thu, May 7, 2015 at 6:41 PM, Greg Dove <greg.dove@gmail.com> wrote:
>>>
>>>  I got notice of a 60 day warning too, with builds that had not had any
>>>> warning previously. At the moment I wonder if it might be Air SDK
>>>> related
>>>> (although I thought they had addressed that) otherwise I will be
>>>> checking
>>>> to see if older ANEs might have a static linked copy of the deprecated
>>>> OpenSSL lib.
>>>>
>>>>
>>>> On Fri, May 8, 2015 at 1:38 PM, Matthew Weir
>>>>
>>> <mattcommark@yahoo.com.invalid
>>>
>>>> wrote:
>>>>
>>>>  I should also state that the app warned against is one in the Google
>>>>> playstore and not a web based app.
>>>>>
>>>>>
>>>>> Thanks Om
>>>>>
>>>>> Sent from Yahoo Mail on Android
>>>>>
>>>>> From:"OmPrakash Muppirala" <bigosmallm@gmail.com>
>>>>> Date:Thu, May 7, 2015 at 9:31 PM
>>>>> Subject:Re: OpenSSL & Flex
>>>>>
>>>>> It might be related to the server on which the app is hosted on.  In
>>>>> chrome, click on the icon next to the url and see if there are warning
>>>>> messages regarding the site's encryption, certificates, etc.
>>>>>
>>>>> Thanks,
>>>>> Om
>>>>>
>>>>>
>>>>> On May 7, 2015 6:21 PM, "Matthew Weir" <mattcommark@yahoo.com.invalid>
>>>>> wrote:
>>>>>
>>>>>  Hey all,
>>>>>> Just got a security warning from Google about one of my apps using
>>>>>> outdated OpenSSL.  Is this something that's on the Flex side of the
>>>>>> spectrum? Or from the web APIs that it's talking to?
>>>>>> If it is Flex, I think the last SDK I compiled it against was 4.12.
>>>>>>
>>>>> Will
>>>>
>>>>> compiling against 4.14.1 resolve it?
>>>>>> Thanks,Matthew
>>>>>>
>>>>>
>>>>>
>
> --
> Jeffry Houser
> Technical Entrepreneur
> http://www.jeffryhouser.com
> 203-379-0773
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message