From 394e8fdb5e787c42ef2a85aa08d5123cf6e87086 Mon Sep 17 00:00:00 2001
From: Joey Hess <joey@kitenet.net>
Date: Sat, 22 Jan 2011 11:51:00 -0400
Subject: [PATCH] backport

---
 doc/security.mdwn | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/doc/security.mdwn b/doc/security.mdwn
index 5fb85a469..52d9d3dc0 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -460,5 +460,6 @@ Dave B noticed that attempting to comment on an illegal page name could be
 used for an XSS attack.
 
 This hole was discovered on 22 Jan 2011 and fixed the same day with
-the release of ikiwiki 3.20110122. An upgrade is recommended for sites
+the release of ikiwiki 3.20110122. A fix was backported to Debian squeeze,
+as version 3.20100815.5. An upgrade is recommended for sites
 with the comments plugin enabled. ([[!cve CVE-2011-0428]])
-- 
2.26.2