diff --git a/debian/patches/cve-2016-9469.diff b/debian/patches/cve-2016-9469.diff
new file mode 100644
index 0000000000..8802943b32
--- /dev/null
+++ b/debian/patches/cve-2016-9469.diff
@@ -0,0 +1,31 @@
+diff --git a/app/finders/issuable_finder.rb b/app/finders/issuable_finder.rb
+index e42d5af..2c9412b 100644
+--- a/app/finders/issuable_finder.rb
++++ b/app/finders/issuable_finder.rb
+@@ -7,7 +7,7 @@
+ # current_user - which user use
+ # params:
+ # scope: 'created-by-me' or 'assigned-to-me' or 'all'
+-# state: 'open' or 'closed' or 'all'
++# state: 'opened' or 'closed' or 'all'
+ # group_id: integer
+ # project_id: integer
+ # milestone_title: string
+@@ -183,10 +183,13 @@ class IssuableFinder
+ end
+
+ def by_state(items)
+- params[:state] ||= 'all'
+-
+- if items.respond_to?(params[:state])
+- items.public_send(params[:state])
++ case params[:state].to_s
++ when 'closed'
++ items.closed
++ when 'merged'
++ items.respond_to?(:merged) ? items.merged : items.closed
++ when 'opened'
++ items.opened
+ else
+ items
+ end
diff --git a/debian/patches/series b/debian/patches/series
index 4e2537076e..73108a30e7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@ source-init-functions.patch
 pid-log-paths.patch
 052-relax-grape.patch
 0200-remove-order-dependency-in-label-finder-spec.patch
+cve-2016-9469.diff
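Review bot: The new allow-list in `by_state` (in debian/patches/cve-2016-9469.diff) has no comment saying why it exists, and its `else` branch quietly returns the unfiltered relation for any unrecognised `state`, so a later reader could be tempted to restore dynamic dispatch to bring back scopes that used to resolve through `respond_to?`. I would add above the method `# Only fixed state names are accepted: params[:state] is presumably request-supplied and must never be used as a method name (CVE-2016-9469).` and extend the header comment to `# state: 'opened' or 'closed' or 'merged' or 'all'`, since `'merged'` is handled but not listed. The removed `params[:state] ||= 'all'` also means `params[:state]` can now stay nil after this method; whether anything else in the finder reads it is not visible here, as the class continues outside the hunk. The patch file starts directly at the inner `diff --git` line with no DEP-3 header (Description, Origin), so the upstream change it was taken from cannot be traced from the package, and no spec is shipped with it to pin that an unexpected state value is ignored.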