"Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTML escaping was being performed when processing quotes. This applies even when the `:escape_html` option was being used. This is fixed in version 3.5.1 by the referenced commit."
Let us know when ready to stable, thanks!
ppc64 done
ppc done
amd64 stable
x86 stable
arm done
arm64 done all arches done
Please cleanup, thanks!
Cleanup done.
(In reply to Hans de Graaff from comment #9) > Cleanup done. Thank you!