shea12
commented
4 years ago Updating to braintree android sdk v3.14.0 does fix the security issue. When can we expect a new release of this package with the updated sdk?
Closed shea12 closed 4 years ago
shea12
commented
4 years ago Updating to braintree android sdk v3.14.0 does fix the security issue. When can we expect a new release of this package with the updated sdk?
nzankich
commented
4 years ago @shea12 I'm sorry for the horribly slow reply. Just bumped version to latest master
We received a security warning "Your app is using an unsafe implementation of HostnameVerifier" from Google Play after submitting a build yesterday. The error seems to be originating in the Braintree Android SDK used by this package.
There is an open issue on the braintree android sdk repo relating to this warning. The maintainer suggested that the latest braintree android sdk
v3.14.0be used. The current react-native-paypal releasev2.2.0is targeting braintreev2.17.0. At this point it is unclear if updating tov3.14.0will fix the security issue but the braintree android sdk version in this package ought to be updated anyhow.When will this package be updated to use the latest braintree android sdk? This is a critical issue for us.
Thanks in advance.