author | Stan Hu <stanhu@gmail.com> | 2016-07-03 09:31:31 +0000 |
---|---|---|
committer | Stan Hu <stanhu@gmail.com> | 2016-07-03 09:31:31 +0000 |
commit | 95336861e97eb72fba8c3034deb2b9b61c9ec961 (patch) | |
tree | cf564f8a637c7e0bd7e81c50a17b01aa783de7f1 /CHANGELOG | |
parent | 328fbd82a36e8c1397e383981ca8ecb789355866 (diff) | |
parent | a034374f004ab2a9e96619438962201b4a6ab222 (diff) | |
download | gitlab-ce-95336861e97eb72fba8c3034deb2b9b61c9ec961.tar.gz |
Merge branch 'redcloth-4-3-2-cve-2012-6684' into 'master'
Update RedCloth to 4.3.2 for CVE-2012-6684
## What does this MR do?
To fix XSS (CVE-2012-6684), upgrade RedCloth to 4.3.2.
## Are there points in the code the reviewer needs to double check?
No.
## Why was this MR needed?
The security vulnerability in RedCloth (CVE-2012-6684) should be fixed to provide GitLab as secure software.
## What are the relevant issue numbers?
Closes #19169
cf. !2037, !2071
## Does this MR meet the acceptance criteria?
- [x] [CHANGELOG](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CHANGELOG) entry added
- [n/a] [Documentation created/updated](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/doc_styleguide.md)
- [n/a] API support added
- Tests
  - [n/a] Added for this feature/bug
  - [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4929
Diffstat (limited to 'CHANGELOG')
-rw-r--r-- | CHANGELOG | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/CHANGELOG b/CHANGELOG index 2f93fcdbaa0..2f29a64df1b 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -38,6 +38,7 @@ v 8.9.5 (unreleased) - Show "locked" label for locked runners on runners admin. !4961 - Fixes issues importing events in Import/Export. Import/Export version bumped to 0.1.1 - Fix import button disabled when import process fail due to the namespace already been taken. + - Security: Update RedCloth to 4.3.2 (Takuya Noguchi) v 8.9.4 - Fix privilege escalation issue with OAuth external users. |
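Review bot: The added entry under v 8.9.5, "- Security: Update RedCloth to 4.3.2 (Takuya Noguchi)", names neither the CVE nor the merge request, so someone reading the changelog to decide whether to upgrade cannot tell which vulnerability the bump closes. The commit message ties it to CVE-2012-6684 (XSS) and to !4929; consider "- Security: Update RedCloth to 4.3.2 for CVE-2012-6684 (Takuya Noguchi) !4929", matching the "!4961" reference on the runners entry a few lines above it. This view is limited to 'CHANGELOG', so the dependency change itself is not shown here and should be reviewed separately to confirm that 4.3.2 is the version actually pinned.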