diff --git a/advisory_parser/parsers/chrome.py b/advisory_parser/parsers/chrome.py index cec7e73..b699162 100644 --- a/advisory_parser/parsers/chrome.py +++ b/advisory_parser/parsers/chrome.py @@ -22,15 +22,11 @@ def parse_chrome_advisory(url): advisory_text = get_text_from_url(url) - # Workaround for advisories that do not use
s for each CVE entry. E.g.: - # https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html - advisory_text = re.sub(r"(.)\[\$", r"\1\n[$", advisory_text) - if "Security Fixes" not in advisory_text: raise AdvisoryParserTextException("No security fixes found in {}".format(url)) # Throw away parts of the text after the blog post - flaws_text = advisory_text.split("Labels:\nStable updates")[0].strip() + flaws_text = advisory_text.split("Labels:\nDesktop Update")[0].strip() # Parse out public date match = re.search("^Stable Channel Update for Desktop\n(.+)", flaws_text, re.MULTILINE) @@ -50,15 +46,27 @@ def parse_chrome_advisory(url): except ValueError: raise AdvisoryParserTextException("Could not find fixed-in version in {}".format(url)) - # Filter out lines that contain CVEs - cve_lines = [line.strip() for line in flaws_text.split("\n") if CVE_REGEX.search(line)] + # There is no newline character between Flaw descriptions. We use '[TBD][123456]' to delimit. + cve_lines = [] + bug_ids = [] + matches = list(re.finditer(r"\[[A-Z]+\]\[(\d{6,})\]", flaws_text)) + no_of_matches = len(matches) + for match_index in range(no_of_matches - 1): + bug_ids.append(matches[match_index].group(1)) + cve_lines.append(flaws_text[matches[match_index].end() : matches[match_index + 1].start()]) + cve_lines.append(flaws_text[matches[no_of_matches - 1].end() :]) + bug_ids.append(matches[no_of_matches - 1].group(1)) if not cve_lines: raise AdvisoryParserTextException("Could not find any CVEs in {}".format(url)) + if len(cve_lines) != len(bug_ids): + raise AdvisoryParserTextException("Number of CVE IDs did not match the number of bug IDs") + flaws, warnings = [], [] + line_index = 0 for line in cve_lines: # Parse each line containing information about a CVE, e.g.: - # [$7500][590275] High CVE-2016-1652: XSS in X. Credit to anonymous. + # High CVE-2016-1652: XSS in X. Credit to anonymous. # First, split into two groups by first encountered colon. metadata, text = line.split(":", maxsplit=1) if not metadata or not text: @@ -66,7 +74,7 @@ def parse_chrome_advisory(url): continue # If a line contains Various, it describes internal fixes, e.g.: - # [563930] CVE-2015-6787: Various fixes from internal audits... + # CVE-2015-6787: Various fixes from internal audits... if "Various" in text: impact = "important" else: @@ -81,10 +89,9 @@ def parse_chrome_advisory(url): impact = impact.replace("high", "important") impact = impact.replace("medium", "moderate") - bug_ids = re.findall(r"\d{6,}", metadata) cves = CVE_REGEX.findall(metadata) - if not bug_ids and not cves: - warnings.append("Could not find CVEs or bugs; skipping: {}".format(line)) + if not cves: + warnings.append("Could not find CVEs skipping: {}".format(line)) continue summary = text.split(".")[0].strip() @@ -109,8 +116,9 @@ def parse_chrome_advisory(url): summary = "chromium-browser: " + summary description += "\n\nUpstream bug(s):\n" - for bug in bug_ids: - description += "\nhttps://code.google.com/p/chromium/issues/detail?id=" + bug + description += "\nhttps://code.google.com/p/chromium/issues/detail?id=" + description += bug_ids[line_index] + line_index += 1 com_url = ( url if "blogspot.com" in url else re.sub(r"blogspot\.[^/]*/", "blogspot.com/", url) diff --git a/tests/test_chrome_parser.py b/tests/test_chrome_parser.py index b0cad81..54bf10c 100644 --- a/tests/test_chrome_parser.py +++ b/tests/test_chrome_parser.py @@ -19,56 +19,57 @@ def load_test_data(fname): @patch("advisory_parser.parsers.chrome.get_text_from_url") def test_parser(get_text_from_url): - get_text_from_url.return_value = load_test_data("chrome_2017-06-15.txt") - url = "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html" + get_text_from_url.return_value = load_test_data("chrome_2024-08-28.txt") + url = "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html" flaws, warnings = parse_chrome_advisory(url) assert not warnings - assert len(flaws) == 3 + assert len(flaws) == 4 assert vars(flaws[0]) == { - "summary": "chromium-browser: Sandbox Escape in IndexedDB", + "summary": "chromium-browser: Type Confusion in V8", "cvss3": "8.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "description": "A sandbox escape flaw was found in the IndexedDB component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=725032", - "from_url": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html", - "fixed_in": {"chromium-browser": ["59.0.3071.104"]}, + "description": "A type confusion flaw was found in the V8 component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=351865302", + "from_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", + "fixed_in": {"chromium-browser": ["128.0.6613.113"]}, "cvss2": None, "advisory_id": None, "impact": "important", - "cves": ["CVE-2017-5087"], - "public_date": datetime.datetime(2017, 6, 15, 0, 0), + "cves": ["CVE-2024-7969"], + "public_date": datetime.datetime(2024, 8, 28, 0, 0), } assert vars(flaws[1]) == { - "summary": "chromium-browser: Out of bounds read in V8", + "summary": "chromium-browser: Heap buffer overflow in Skia", "cvss3": "8.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "description": "An out of bounds read flaw was found in the V8 component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=729991", - "from_url": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html", - "fixed_in": {"chromium-browser": ["59.0.3071.104"]}, + "description": "A heap buffer overflow flaw was found in the Skia component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=360265320", + "from_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", + "fixed_in": {"chromium-browser": ["128.0.6613.113"]}, "cvss2": None, "advisory_id": None, "impact": "important", - "cves": ["CVE-2017-5088"], - "public_date": datetime.datetime(2017, 6, 15, 0, 0), + "cves": ["CVE-2024-8193"], + "public_date": datetime.datetime(2024, 8, 28, 0, 0), } assert vars(flaws[2]) == { - "summary": "chromium-browser: Domain spoofing in Omnibox", - "cvss3": "6.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", - "description": "A domain spoofing flaw was found in the Omnibox component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=714196", - "from_url": "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html", - "fixed_in": {"chromium-browser": ["59.0.3071.104"]}, + "summary": "chromium-browser: Type Confusion in V8", + "cvss3": "8.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "description": "A type confusion flaw was found in the V8 component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=360533914", + "from_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", + "fixed_in": {"chromium-browser": ["128.0.6613.113"]}, "cvss2": None, "advisory_id": None, - "impact": "moderate", - "cves": ["CVE-2017-5089"], - "public_date": datetime.datetime(2017, 6, 15, 0, 0), + "impact": "important", + "cves": ["CVE-2024-8194"], + "public_date": datetime.datetime(2024, 8, 28, 0, 0), + } + assert vars(flaws[3]) == { + "summary": "chromium-browser: Heap buffer overflow in Skia", + "cvss3": "8.8/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", + "description": "A heap buffer overflow flaw was found in the Skia component of the Chromium browser.\n\nUpstream bug(s):\n\nhttps://code.google.com/p/chromium/issues/detail?id=360758697", + "from_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", + "fixed_in": {"chromium-browser": ["128.0.6613.113"]}, + "cvss2": None, + "advisory_id": None, + "impact": "important", + "cves": ["CVE-2024-8198"], + "public_date": datetime.datetime(2024, 8, 28, 0, 0), } - - -@patch("advisory_parser.parsers.chrome.get_text_from_url") -def test_parser_multi_cve(get_text_from_url): - get_text_from_url.return_value = load_test_data("chrome_2020-02-04.txt") - url = "https://chromereleases.googleblog.com/2017/06/stable-channel-update-for-desktop_15.html" - flaws, warnings = parse_chrome_advisory(url) - - assert not warnings - assert len(flaws) == 41 - assert flaws[5].cves == ["CVE-2019-19880", "CVE-2019-19925"] diff --git a/tests/test_data/chrome_2017-06-15.txt b/tests/test_data/chrome_2017-06-15.txt deleted file mode 100644 index 20c3318..0000000 --- a/tests/test_data/chrome_2017-06-15.txt +++ /dev/null @@ -1,280 +0,0 @@ -Chrome Releases: Stable Channel Update for Desktop -Chrome Releases - -Release updates from the Chrome team -Stable Channel Update for Desktop -Thursday, June 15, 2017 -The stable channel has been updated to 59.0.3071.104 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. -Security Fixes and Rewards -Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. -This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. -[$10,500][725032] High CVE-2017-5087: Sandbox Escape in IndexedDB. Reported by Ned Williamson on 2017-05-22 -[$4,000][729991] High CVE-2017-5088: Out of bounds read in V8. Reported by Xiling Gong of Tencent Security Platform Department on 2017-06-06 -[$2,000][714196] Medium CVE-2017-5089: Domain spoofing in Omnibox. Reported by Michał Bentkowski on 2017-04-21. -We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. -As usual, our ongoing internal security work was responsible for a wide range of fixes: -[732498] Various fixes from internal audits, fuzzing and other initiatives -Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity, or libFuzzer. -A list of changes is available in the log. Interested in switching release channels? Find out how.  If you find a new issue, please let us know by filing a bug.  The community help forum is also a great place to reach out for help or learn about common issues. -Abdul Syed -Google Chrome -Google - -Labels: -Stable updates -6 comments -: - -unknownman72 -said... -All the strange black stripes are gone now. I didn´t expect that it would be repaired so quickly. Thank you a lot Google team. Keep up the good work. -4:50 PM, June 15, 2017 -Shlomi sa -said... -Why can not pages be translated into Hebrew for more than six months? -12:48 PM, June 16, 2017 -Alfin Auzikri -said... -wow, new UI on about page -3:39 PM, June 16, 2017 -Unknown -said... -thank the good topic.gclubgclub onlinegoldenslot -6:16 PM, June 16, 2017 -ADitya Samant -said... -freezing issue in windows 10 home....freezes every half an hour -9:35 PM, June 16, 2017 -Ádám Mikulás -said... -same freezing issue at me as ADitya Samant... -8:46 AM, June 22, 2017 -Post a Comment - - - - - - -Labels - - -Admin Console -Android WebView -Beta -Beta updates -chrome -Chrome Beta for Android -Chrome Dev for Android -Chrome for Android -Chrome for iOS -Chrome OS -Chrome OS Management -Chromecast Update -dev update -Dev updates -Flash Player update -Stable updates - - -Archive - - - - - - - - -2017 -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2016 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2015 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2014 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2013 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2012 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2011 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2010 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2009 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2008 -Dec -Nov -Oct -Sep -Feed -Googleon -Follow @googlechrome -Follow -Company-wide -Official Google Blog -Public Policy Blog -Student Blog -Products -Android Blog -Inside Search Blog -Lat Long Blog -Developers -Developers Blog -Chromium Blog -Android Developers Blog -Google - -Privacy - -Terms diff --git a/tests/test_data/chrome_2020-02-04.txt b/tests/test_data/chrome_2020-02-04.txt deleted file mode 100644 index 6208901..0000000 --- a/tests/test_data/chrome_2020-02-04.txt +++ /dev/null @@ -1,357 +0,0 @@ -Chrome Releases: Stable Channel Update for Desktop -Chrome Releases - -Release updates from the Chrome team - -Stable Channel Update for Desktop -Tuesday, February 4, 2020 -The Chrome team is delighted to announce the promotion of Chrome 80 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. -Chrome 80.0.3987.87 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new features and big efforts delivered in 80. -Security Fixes and Rewards -Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed. -This update includes 56 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. -[$5000][1034394] High CVE-2020-6381: Integer overflow in JavaScript. Reported by The UK's National Cyber Security Centre (NCSC) on 2019-12-09 -[$2000][1031909] High CVE-2020-6382: Type Confusion in JavaScript. Reported by Soyeon Park and Wen Xu from SSLab, Gatech on 2019-12-08 -[$500][1020745] High CVE-2019-18197: Multiple vulnerabilities in XML. Reported by Jordan Pryde from the BlackBerry Security Incident Response Team on 2019-11-01 -[$500][1042700] High CVE-2019-19926: Inappropriate implementation in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16 -[$N/A][1035399] High CVE-2020-6385: Insufficient policy enforcement in storage. Reported by Sergei Glazunov of Google Project Zero on 2019-12-18 -[$N/A][1038863] High CVE-2019-19880, CVE-2019-19925: Multiple vulnerabilities in SQLite. Reported by Richard Lorenz, SAP on 2020-01-03 -[$N/A][1042535] High CVE-2020-6387: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16 -[$N/A][1042879] High CVE-2020-6388: Out of bounds memory access in WebAudio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-16 -[$N/A][1042933] High CVE-2020-6389: Out of bounds write in WebRTC. Reported by Natalie Silvanovich of Google Project Zero on 2020-01-16 -[$N/A][1045874] High CVE-2020-6390: Out of bounds memory access in streams. Reported by Sergei Glazunov of Google Project Zero on 2020-01-27 -[$10000][1017871] Medium CVE-2020-6391: Insufficient validation of untrusted input in Blink. Reported by Michał Bentkowski of Securitum on 2019-10-24 -[$5000][1030411] Medium CVE-2020-6392: Insufficient policy enforcement in extensions. Reported by Microsoft Edge Team on 2019-12-03 -[$5000][1035058] Medium CVE-2020-6393: Insufficient policy enforcement in Blink. Reported by Mark Amery on 2019-12-17 -[$5000][999001] Medium CVE-2020-6499: Inappropriate implementation in AppCache. Reported by Kevin Higgs (@themalwareman) on 2019-08-29 -[$3000][1014371] Medium CVE-2020-6394: Insufficient policy enforcement in Blink. Reported by Phil Freo on 2019-10-15 -[$3000][1022855] Medium CVE-2020-6395: Out of bounds read in JavaScript. Reported by Pierre Langlois from Arm on 2019-11-08 -[$3000][1035271] Medium CVE-2020-6396: Inappropriate implementation in Skia. Reported by William Luc Ritchie on 2019-12-18 -[$2000][1027408] Medium CVE-2020-6397: Incorrect security UI in sharing. Reported by Khalil Zhani on 2019-11-22 -[$2000][1032090] Medium CVE-2020-6398: Uninitialized use in PDFium. Reported by pdknsk on 2019-12-09 -[$2000][1039869] Medium CVE-2020-6399: Insufficient policy enforcement in AppCache. Reported by Luan Herrera (@lbherrera_) on 2020-01-07 -[$2000][843095] Medium CVE-2020-6500: Inappropriate implementation in interstitials. Reported by evi1m0 of Bilibili Security Team on 2018-05-15 -[$1000][1038036] Medium CVE-2020-6400: Inappropriate implementation in CORS. Reported by Takashi Yoneuchi (@y0n3uchy) on 2019-12-27 -[$500][1017707] Medium CVE-2020-6401: Insufficient validation of untrusted input in Omnibox. Reported by Tzachy Horesh on 2019-10-24 -[$500][1029375] Medium CVE-2020-6402: Insufficient policy enforcement in downloads. Reported by Vladimir Metnew (@vladimir_metnew) on 2019-11-28 -[$500][990581] Medium CVE-2020-6501: Insufficient policy enforcement in CSP. Reported by Zhong Zhaochen of andsecurity.cn on 2019-08-03 -[$TBD][1006012] Medium CVE-2020-6403: Incorrect security UI in Omnibox. Reported by Khalil Zhani on 2019-09-19 -[$N/A][1024256] Medium CVE-2020-6404: Inappropriate implementation in Blink. Reported by kanchi on 2019-11-13 -[$N/A][1042145] Medium CVE-2020-6405: Out of bounds read in SQLite. Reported by Yongheng Chen(Ne0) & Rui Zhong(zr33) on 2020-01-15 -[$N/A][1042254] Medium CVE-2020-6406: Use after free in audio. Reported by Sergei Glazunov of Google Project Zero on 2020-01-15 -[$N/A][1042578] Medium CVE-2019-19923: Out of bounds memory access in SQLite. Reported by Richard Lorenz, SAP on 2020-01-16 -[$1000][1026546] Low CVE-2020-6408: Insufficient policy enforcement in CORS. Reported by Zhong Zhaochen of andsecurity.cn on 2019-11-20 -[$1000][1037889] Low CVE-2020-6409: Inappropriate implementation in Omnibox. Reported by Divagar S and Bharathi V from Karya Technologies on 2019-12-26 -[$500][881675] Low CVE-2020-6410: Insufficient policy enforcement in navigation. Reported by evi1m0 of Bilibili Security Team on 2018-09-07 -[$500][929711] Low CVE-2020-6411: Insufficient validation of untrusted input in Omnibox. Reported by Khalil Zhani on 2019-02-07 -[$500][785159] Low CVE-2020-6502: Incorrect security UI in permissions. Reported by evi1m0 of Bilibili Security Team on 2017-11-15 -[$N/A][968505] Low CVE-2020-6412: Insufficient validation of untrusted input in Omnibox. Reported by Zihan Zheng (@zzh1996) of University of Science and Technology of China on 2019-05-30 -[$N/A][1005713] Low CVE-2020-6413: Inappropriate implementation in Blink. Reported by Michał Bentkowski of Securitum on 2019-09-19 -[$N/A][1021855] Low CVE-2020-6414: Insufficient policy enforcement in Safe Browsing. Reported by Lijo A.T on 2019-11-06 -[$N/A][1029576] Low CVE-2020-6415: Inappropriate implementation in JavaScript. Reported by Avihay Cohen @ SeraphicAlgorithms on 2019-11-30 -[$N/A][1031895] Low CVE-2020-6416: Insufficient data validation in streams. Reported by Woojin Oh(@pwn_expoit) of STEALIEN on 2019-12-08 -[$N/A][1033824] Low CVE-2020-6417: Inappropriate implementation in installer. Reported by Renato "Wrath" Moraes and Altieres "FallenHawk" Rohr on 2019-12-13 -We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.As usual, our ongoing internal security work was responsible for a wide range of fixes: -[1048330] Various fixes from internal audits, fuzzing and other initiatives -Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, UndefinedBehaviorSanitizer, Control Flow Integrity, libFuzzer, or AFL. -Interested in switching release channels?  Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues. -Thank you, -Srinivas Sista -Google - -Labels: -Desktop Update -, - -Stable updates - - - - - - -Labels - - -Admin Console -43 -Android WebView -19 -Beta -12 -Beta updates -1056 -chrome -1 -Chrome Beta for Android -226 -Chrome Dev for Android -4 -Chrome for Android -127 -Chrome for iOS -27 -Chrome for Meetings -5 -Chrome OS -903 -Chrome OS Management -12 -Chromecast Update -6 -Desktop Update -343 -dev update -90 -Dev updates -1022 -Flash Player update -5 -Hangouts Meet hardware -5 -Stable updates -632 - - -Archive - - - - - - - - -2020 -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2019 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2018 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2017 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2016 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2015 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2014 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2013 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2012 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2011 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2010 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2009 -Dec -Nov -Oct -Sep -Aug -Jul -Jun -May -Apr -Mar -Feb -Jan - - - - - - -2008 -Dec -Nov -Oct -Sep -Give us feedback in our Product Forums. -Google - -Privacy - -Terms diff --git a/tests/test_data/chrome_2024-08-28.txt b/tests/test_data/chrome_2024-08-28.txt new file mode 100644 index 0000000..aee842a --- /dev/null +++ b/tests/test_data/chrome_2024-08-28.txt @@ -0,0 +1,402 @@ +Chrome Releases: Stable Channel Update for Desktop +Chrome Releases + +Release updates from the Chrome team + +Stable Channel Update for Desktop +Wednesday, August 28, 2024 +The Stable channel has been updated to 128.0.6613.113/.114 for Windows, Mac and 128.0.6613.113 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log.The Extended Stable channel has been updated to 128.0.6613.114 for Windows and Mac which will roll out over the coming days/weeks. Security Fixes and RewardsNote: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information.[TBD][351865302] High CVE-2024-7969: Type Confusion in V8. Reported by CFF of Topsec Alpha Team on 2024-07-09[TBD][360265320] High CVE-2024-8193: Heap buffer overflow in Skia. Reported by Renan Rios (@hyhy_100) on 2024-08-16[TBD][360533914] High CVE-2024-8194: Type Confusion in V8. Reported by Seunghyun Lee (@0x10n) on 2024-08-18[TBD][360758697] High CVE-2024-8198: Heap buffer overflow in Skia. Reported by Renan Rios (@hyhy_100) on 2024-08-19We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel.Interested in switching release channels? Find out how here. If you find a new issue, please let us know by filing a bug. The community help forum is also a great place to reach out for help or learn about common issues.Prudhvikumar BommanaGoogle Chrome +Google + +Labels: +Desktop Update +, + +Extended Stable updates +, + +Stable updates + + + + + + +Labels + + +Admin Console +43 +Android WebView +19 +Beta +21 +Beta update +4 +Beta updates +1971 +chrome +15 +Chrome Dev for Android +117 +Chrome for Android +906 +Chrome for iOS +355 +Chrome for Meetings +5 +Chrome OS +1149 +Chrome OS Flex +22 +Chrome OS Management +12 +Chromecast Update +6 +ChromeOS +175 +ChromeOS Flex +174 +Desktop Update +1064 +dev update +265 +Dev updates +1477 +Early Stable Updates +43 +Extended Stable updates +116 +Flash Player update +5 +Hangouts Meet hardware +5 +LTS +80 +stable +9 +Stable updates +1194 + + +Archive + + + + + + + + +2024 +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2023 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2022 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2021 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2020 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2019 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2018 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2017 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2016 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2015 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2014 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2013 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2012 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2011 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2010 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2009 +Dec +Nov +Oct +Sep +Aug +Jul +Jun +May +Apr +Mar +Feb +Jan + + + + + + +2008 +Dec +Nov +Oct +Sep +Give us feedback in our Product Forums. +Google + +Privacy + +Terms +