I have an application that uses some native libraries through .SO files.
I'm in a situation where I can't upload a new version of the app to Google play because those native libraries link to old versions of OpenSSL and LibPNG which have security vulnerabilities as described here: https://android-developers.blogspot.com.eg/2016/06/android-changes-for-ndk-developers.html
My question is: is there any way to include the .SO files in a new project, along with the new versions of OpenSSL and LibPNG and override the linking to the old versions of OpenSSL and LibPNG?
Knowing that I can't rebuild the .SO files because I don't have the source files.
Is there any workaround for solving this?
If you lost access to the source code of your library, but have the .o files (or the .a archive), you can choose a different version of dependencies.
If you use OpenSSL and libPNG as dynamic libraries, your life is easier. If you have them statically linked into your .so file, you need some advanced ELF manipulation techniques which may help if you are lucky and determined.
All this can only work if the interfaces that you use to these libraries remain untouched.