Patch #34461
Update Redcarpet to 3.5.1
Status: | Closed | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | % Done: | 0% | ||
Category: | Gems support | |||
Target version: | 4.0.8 |
Associated revisions
Update Redcarpet to 3.5.1 (#34461).
The version fixes a security vulnerability using :quote in combination with the :escape_html option.
History
#1
Updated by Marius BALTEANU about 1 month ago
- Tracker changed from Defect to Patch
diff --git a/Gemfile b/Gemfile
index 9824c3b2e..a5baf33ce 100644
--- a/Gemfile
+++ b/Gemfile
@@ -44,7 +44,7 @@ end
# Optional Markdown support, not for JRuby
group :markdown do
- gem "redcarpet", "~> 3.5.0"
+ gem "redcarpet", "~> 3.5.1"
end
#2
Updated by Go MAEDA about 1 month ago
https://github.com/vmg/redcarpet/blob/master/CHANGELOG.md#version-351-security
Fix a security vulnerability using :quote in combination with the :escape_html option.
#3
Updated by Go MAEDA about 1 month ago
- Status changed from New to Closed
- Assignee set to Go MAEDA
Committed the patch. Thank you.