Update sanitize and loofah (#6855)

Fixes CVE-2018-8048 and CVE-2018-3740, two medium-severity XSS vulnerabilities present in these gems when built against libxml2 >= 2.9.2.
author: Patrick Figel <patrick@figel.email> 2018-03-21 17:43:28 +0100
committer: Eugen Rochko <eugen@zeonfederated.com> 2018-03-21 17:43:28 +0100
commit: d97903a3587e137316adbd8a9f0460552b5bfbcd (patch)
tree: c9a8b4c535a8837aa6f88dcd68e3e2a2d63e71a4 /Gemfile
parent: 93897134caf42f1b70620282cef04865af7026b1 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/Gemfile b/Gemfile
index fe5bf572c..8bc28b893 100644
--- a/Gemfile
+++ b/Gemfile
@@ -71,7 +71,7 @@ gem 'mario-redis-lock', '~> 1.2', require: 'redis_lock'
 gem 'rqrcode', '~> 0.10'
 gem 'ruby-oembed', '~> 0.12', require: 'oembed'
 gem 'ruby-progressbar', '~> 1.4'
-gem 'sanitize', '~> 4.4'
+gem 'sanitize', '~> 4.6.4'
 gem 'sidekiq', '~> 5.0'
 gem 'sidekiq-scheduler', '~> 2.1'
 gem 'sidekiq-unique-jobs', '~> 5.0'
author	Patrick Figel <patrick@figel.email>	2018-03-21 17:43:28 +0100
committer	Eugen Rochko <eugen@zeonfederated.com>	2018-03-21 17:43:28 +0100
commit	d97903a3587e137316adbd8a9f0460552b5bfbcd (patch)
tree	c9a8b4c535a8837aa6f88dcd68e3e2a2d63e71a4 /Gemfile
parent	93897134caf42f1b70620282cef04865af7026b1 (diff)