We are trying to release a game in the Android store, but in the APK autocheck process the feedback from Google is that the APK was rejected because we are including a version of libpng library too old. You can see the issue explanation in the link below:
To compile we’re using Unity 5.6.3p1. We try to update Unity version to the last one but this doesn’t make any different result. We tried to update some plugins too, for example: GooglePlayServices plugin, AVProVideo plugin…
We built the project using the next android build targets: 4.4 (KitKat), 5.1 (Lollipop) and 7.0&7.1 (Nougat) with the same bad result.
In the project we’re using the function EncodeToPNG() from Unity. We’re trying to change this to JPG to see if something change…
About the build process, we’re using the integrated Unity process to make the APK. We use the splitted APK option to generate spearated OBB files.
I too need an answer to this. Other places have suggested upgrading the Unity version, but I upgraded to 2020.3.13f1 and that still didn’t fix the issue. I’m hesitant to upgrade again as that was a lot of work, but others have found success migrating to 2022. I’d love to have a different solution to this problem though.
The vulnerabilities were fixed in libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher. You can find more information about how resolve the issue in this Google Help Center article.
With a game built in 2021.3.34LTS. Any idea?
The “resolve” page says:
How to fix apps containing Libpng Vulnerability
This information is intended for developers of apps that utilize any version of libpng library, that contains a security vulnerability disclosed in CVE-2015-8540. Apps with vulnerabilities like this can expose users to risk of compromise and may be considered in violation of our Malicious Behavior policy.Please migrate your app(s) to libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher as soon as possible and increment the version number of the upgraded APK.