bituniverse / bitshares_wallet

The bitshares wallet app for Android devices.
https://play.google.com/store/apps/details?id=com.bitshares.bitshareswallet
MIT License
30 stars 45 forks

This repository had a security flaw, please include latest commit #8

Open sschiessl-bcp opened 5 years ago

sschiessl-bcp commented 5 years ago

Please do not use this as your code base until fixed

sschiessl-bcp commented 5 years ago

Addressed with https://github.com/bituniverse/bitshares_wallet/commit/5e56d52f2cd18214815a2d8b12d2a6791542773c

sschiessl-bcp commented 5 years ago

This is a ping to all forks of this repository, please include latest commit and notify your customers. Please be careful with unmaintained and unaudited libraries, and do your own due diligence.

@androidlgf @antom487 @BC-Hub @abitmore @btcpimp @bxlkm @cogutvalera @fonero-project @liangzb0614 @sanjumm1983 @senlinms @shanxin @Stevengu999 @tozzais @UL-F @chengang21 @cryptoBOT @dot5enko @fork-android @fulltimegeek @gzbin7878at2016 @HenuElvis @jaypatel2459 @johnda @kyanite @Mstar7264 @NionioMoney @PreICO @fintehru @KITAPLATFORM @rainJohn @slashcol @Stanoevich @talentdeveloper @VELLEVET @XBTS @zhuhaikuan

abitmore commented 5 years ago

Thanks for the notification.

abitmore commented 5 years ago

Also pinging @chouheiwa: perhaps https://github.com/chouheiwa/bitshares_wallet is affected.

sschiessl-bcp commented 5 years ago

Update on the provided fix: it is not sufficient.

See here https://arstechnica.com/information-technology/2013/08/google-confirms-critical-android-crypto-flaw-used-in-5700-bitcoin-heist/

Google fixed this issue in Android in version 4.3, which is SDK version 18. The app has minSDKVersion set at 15 and is still vulnerable.

Please use this RFC 6979 compliant fix below:

https://github.com/bitshares/bitshares_andriod_wallet/pull/2
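
An RFC 6979 signer derives the ECDSA nonce k from the private key and the message digest with HMAC, so signing no longer depends on the platform RNG that is unreliable below SDK 18. The sketch below is an added illustration of that derivation, not code from the linked pull request or this repository; the function names, the use of Python, and the choice of SHA-256 with the secp256k1 group order are assumptions of the example.

```python
import hashlib
import hmac

# Order of the secp256k1 group (curve assumed for this example).
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141


def bits2int(data: bytes, qlen: int) -> int:
    """RFC 6979 section 2.3.2: leftmost qlen bits as a big-endian integer."""
    value = int.from_bytes(data, "big")
    excess = len(data) * 8 - qlen
    return value >> excess if excess > 0 else value


def rfc6979_nonce(priv: int, digest: bytes, q: int = SECP256K1_N,
                  hashfn=hashlib.sha256) -> int:
    """Derive the signing nonce k per RFC 6979 section 3.2 (no RNG input)."""
    if not 1 <= priv < q:
        raise ValueError("private key out of range")
    qlen = q.bit_length()
    rolen = (qlen + 7) // 8
    hlen = hashfn().digest_size

    def mac(key: bytes, msg: bytes) -> bytes:
        return hmac.new(key, msg, hashfn).digest()

    # seed = int2octets(x) || bits2octets(h1); bits2octets reduces mod q.
    z = bits2int(digest, qlen) % q
    seed = priv.to_bytes(rolen, "big") + z.to_bytes(rolen, "big")
    v, key = b"\x01" * hlen, b"\x00" * hlen      # steps b, c
    key = mac(key, v + b"\x00" + seed)           # step d
    v = mac(key, v)                              # step e
    key = mac(key, v + b"\x01" + seed)           # step f
    v = mac(key, v)                              # step g
    while True:                                  # step h
        t = b""
        while len(t) * 8 < qlen:
            v = mac(key, v)
            t += v
        k = bits2int(t, qlen)
        if 1 <= k < q:
            return k
        key = mac(key, v + b"\x00")              # candidate out of range: re-key, retry
        v = mac(key, v)
```

The same key and digest always yield the same k, and any change to either input yields an unrelated k, so two different messages cannot end up signed with a repeated nonce because of a weak random source.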

Kwaskoff commented 5 years ago

Thank you for your support. We have notified our users and accept the bug fix.