"Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the `:escape_html` option was being used. This is fixed in version 3.5.1 by the referenced commit."
Let us know when ready to stable, thanks!
all arches done
Please cleanup, thanks!
(In reply to Hans de Graaff from comment #9)
> Cleanup done.