Recently, my app was rejected from the Play Store and the reason given was this
The vulnerabilities were addressed in OpenSSL 1.02f/1.01r. To confirm your OpenSSL version, you can do a grep search for: $ unzip -p YourApp.apk | strings | grep "OpenSSL" You can find more information and next steps in this [Google Help Center article](https://support.google.com/faqs/answer/6376725).
The app had v 3.5.2 of SQLCipher which in turn has OpenSSL v1.0.2g - yet it was rejected from the Play Store.
Oddly enough, the same app was accepted in a subsequent submission to the Play Store.
I bumped up the version of SQLCipher to 3.5.9 and even 4.0.1 and even in both cases, the submission/rejection from Play Store was random. It was accepted in some instances and rejected in some other instances with all 3 versions of SQLCipher.
My question is - Has anyone seen something similar ? What did you do ? I have already approached Google pertaining to this, but I’d like to hear other experiences.