I've contacted Google, but the alert is still here.
This is what I wrote (copied&pasted from Intel page):
[quote:37jl19z8]This application uses the Crosswalk 7 WebView which is based off of Chromium 36.0.1985.144. This version of Chromium includes the Open SSL fixes found at https://chromium.googlesource.com/chrom ... 25d0b079c3
The Chromium team did not rev the Open SSL identifier, so it still reports 1.0.1e as the Open SSL version. You can verify this in the commit log at https://chromium.googlesource.com/chrom ... sl.version
You can find the Crosswalk commit that updates to Chromium 36.0.1985.144 at https://github.com/crosswalk-project/cr ... a3d9e68e05
This is what they have replied:
Thanks for contact Google Play Developer Support.
To help protect your users, itâ€™s important for you to update your appâ€™s use of TLS/SSL. Apps with vulnerabilities that expose users to risk of compromise may be considered â€œdangerous productsâ€ and subject to removal from Google Play.
For more information and examples on using TLS/SSL on Android, please go to:
https://developer.android.com/training/ ... y-ssl.html
Here are some common areas to look at when troubleshooting:
- If your app trusted a certificate issued for an unrelated hostname for a connection, your app could be using an overly permissive HostnameVerifier or none at all.
- If your app replaces the default TrustManager with one that doesnâ€™t verify the chain of trust, your app could be trusting a certificate that wasnâ€™t issued by a trusted certificate authority
- If you are using a version of your app for debugging that has SSL disabled, it should be guarded using a DEBUG flag that is never turned on in a build published on Google Play.
Please let us know if you have any additional questions.
Google Play Developer Support
Did you know we offer chat support in English? Chat with us from Monday through Friday, 8 am to 5 pm PT by going to https://support.google.com/googleplay/a ... #contact=1
What can I do?
Ashley and imaffett
EDIT: After calling Google 2 times, contacting them via email 3 times, "marking the alert as current", "Dismissing" the alert, selecting "There's a mistake", the alert has gone, I have no problems anymore.