The first SQL injection abuse was actually two days earlier,
so we're reverting to Nov 22 backups instead.
There's a brief note on http://savannah.gnu.org/:
# 2010/11/30 22:45 GMT: stopped write access and preparing new
backup from the 22th
# 2010/11/30 23:45 GMT: found trace of earlier read-only SQL
injections as back as January, but apparently none with actual
account cracking; searching more
# 2010/12/01 00:55 GMT: after fishing through logs, it appears that
there was no other account cracking
