diff --git a/IkiWiki.pm b/IkiWiki.pm
index 5e21e7090..735dc97b1 100644
--- a/IkiWiki.pm
+++ b/IkiWiki.pm
@@ -721,6 +721,10 @@ sub readfile ($;$$) { #{{{
 	binmode($in) if ($binary);
 	return \*$in if $wantfd;
 	my $ret=<$in>;
+	# check for invalid utf-8, and toss it back to avoid crashes
+	if (! utf8::valid($ret)) {
+		$ret=encode_utf8($ret);
+	}
 	close $in || error("failed to read $file: $!");
 	return $ret;
 } #}}}
diff --git a/debian/changelog b/debian/changelog
index 99f35482e..3838a3e90 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ikiwiki (2.70) UNRELEASED; urgency=low
+
+  * Avoid crash on malformed utf-8 discovered by intrigeri.
+
+ -- Joey Hess <joeyh@debian.org>  Wed, 12 Nov 2008 17:30:33 -0500
+
 ikiwiki (2.69) unstable; urgency=low
 
   * Avoid multiple ikiwiki cgi processes piling up, eating all memory,
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 0841abf49..1bc7b9e60 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -407,3 +407,12 @@ discovered on 30 May 2008 and fixed the same day. ([[!cve CVE-2008-0169]])
 
 I recommend upgrading to 2.48 immediatly if your wiki allows both password
 and openid logins.
+
+## Malformed UTF-8 DOS
+
+Feeding ikiwiki page sources containing certian forms of malformed UTF-8
+can cause it to crash. This can potentially be used for a denial of service
+attack.
+
+intrigeri discovered this problem on 12 Nov 2008 and a patch put in place
+later that day.