=== modified file 'debian/changelog'
--- debian/changelog	2017-03-19 23:48:31 +0000
+++ debian/changelog	2017-03-19 23:49:15 +0000
@@ -1,3 +1,15 @@
+epiphany-browser (3.18.11-0ubuntu1) xenial-security; urgency=medium
+
+  * SECURITY UPDATE: Saved passwords were viewable by a man-in-the-middle
+    attack website. This has been mitigated by moving all existing saved
+    http passwords to https. If a website you use is http-only, you can
+    find your old password in Preferences>Privacy>Manage Passwords.
+    - Fixed in new upstream security release 3.18.11 (LP: #1661805)
+      + New upstream release also fixes inability to enter text in
+        websites, a regression introduced in 3.18.10 (LP: #1668704)
+
+ -- Jeremy Bicha <jbicha@ubuntu.com>  Sun, 19 Mar 2017 18:24:58 -0400
+
 epiphany-browser (3.18.10-0ubuntu1) xenial; urgency=medium
 
   * New upstream bugfix release (LP: #1657284)

=== modified file 'debian/patches/00_epiphany-browser.patch'
--- debian/patches/00_epiphany-browser.patch	2017-03-19 23:48:31 +0000
+++ debian/patches/00_epiphany-browser.patch	2017-03-19 23:47:53 +0000
@@ -3,7 +3,7 @@
 --- epiphany-browser-3.18.5.orig/configure.ac
 +++ epiphany-browser-3.18.5/configure.ac
 @@ -20,7 +20,7 @@ m4_define([epiphany_version_minor],[18])
- m4_define([epiphany_version_micro],[10])
+ m4_define([epiphany_version_micro],[11])
  m4_define([epiphany_version],[epiphany_version_major.epiphany_version_minor.epiphany_version_micro])
  
 -AC_INIT([GNOME Web Browser],[epiphany_version],[http://bugzilla.gnome.org/enter_bug.cgi?product=epiphany],[epiphany])