diff --git a/NEWS.md b/NEWS.md
index ee38fb92..97ed34d6 100644
--- a/NEWS.md
+++ b/NEWS.md
@@ -1,3 +1,12 @@
+2018-10-21
+==========
+
+The `sanitize-html` dependency has made a change that results in `"` no longer
+being replaced by `"` when not inside an HTML attribute value.  This
+potentially breaks any chat filters matching quotes as `"` (on my
+particular instance, this seems to be quite rare).  These filters will need to
+be updated in order to continue matching quotes.
+
 2018-08-27
 ==========
 
diff --git a/package.json b/package.json
index 3715f75a..94e75e07 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
   "author": "Calvin Montgomery",
   "name": "CyTube",
   "description": "Online media synchronizer and chat",
-  "version": "3.58.4",
+  "version": "3.59.0",
   "repository": {
     "url": "http://github.com/calzoneman/sync"
   },
diff --git a/test/xss.js b/test/xss.js
index 3fc20970..e353491a 100644
--- a/test/xss.js
+++ b/test/xss.js
@@ -5,7 +5,7 @@ describe('XSS', () => {
     describe('sanitizeHTML', () => {
         it('behaves consistently w.r.t. special chars used in emotes', () => {
             const input    = '`^~=| _-,;:!?/."()[]{}@$*\\&#%+á\t';
-            const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
+            const expected = '`^~=| _-,;:!?/."()[]{}@$*\\\\&#%+á\t';
             assert.strictEqual(XSS.sanitizeHTML(input), expected);
         });
     });