All Google Play Billing Library 3 versions before Oct, 8 distributed via Android SDK and marketbilling on Googlecode are susceptible to impersonation and signature verification vulnerabilities.
f68f31523fe048d0a532378407c09820e34245d3b9aac37fc00b428562210019