Android: Removing OpenCV older version will resolve Libpng Vulnerability warning?
Solution 1:
The vulnerable version of libpng in OpenCV 2.4.x was updated in OpenCV 2.4.13.1.
It can be downloaded from here.
As @Simon says, OpenCV 3.x is not affected.
More info: #6694 OpenCV 2.x uses vulnerable version of libpng
Solution 2:
Yes, now confirmed with Google: Updating to 3.1.0 will fix the issue - I've upgraded one of my apps to 3.1.0, and while there's a bit of a bug in Google's detection of this vulnerability, I've had confirmation from a support representative that the new version is not vulnerable to this issue.
--
Previous answer:
No - I've upgraded to 3.1.0 and still get the warning. Edit: see below for update
The OpenCV Android SDK hasn't been updated since December 2015, so hopefully a newer version this year will use a fixed version of libpng.
Edit: some odd behaviour on Google Play, and some digging into the version of libpng that that OpenCV 3.1.0 uses leads me to think that 3.1.0 is not vulnerable. I updated my app and the vulnerability warning was still there (with its warning text updated to the new APK version number). Now, however, Google Play has dismissed the alert, though it still confusingly refers to the new version as vulnerable.