diff --git a/UPGRADE-2.1.md b/UPGRADE-2.1.md
index 32ac226ff7..8187efef6d 100644
--- a/UPGRADE-2.1.md
+++ b/UPGRADE-2.1.md
@@ -14,7 +14,7 @@
     for multiple environments.
 
   * The priorities for the built-in listeners have changed.
- 
+
     ```
                                             2.0         2.1
         security.firewall   kernel.request  64          8
@@ -204,7 +204,9 @@
 
   * The Firewall listener is now registered after the Router listener. This
     means that specific Firewall URLs (like /login_check and /logout) must now
-    have proper routes defined in your routing configuration.
+    have proper routes defined in your routing configuration. Also, if you have
+    a custom 404 error page, make sure that you do not use any security related
+    features such as `is_granted` on it.
 
   * The user provider configuration has been refactored. The configuration
     for the chain provider and the memory provider has been changed:
@@ -248,9 +250,9 @@
      use Symfony\Bundle\SecurityBundle\Validator\Constraint\UserPassword;
      use Symfony\Bundle\SecurityBundle\Validator\Constraint as SecurityAssert;
      ```
-     
+
      After:
-     
+
      ```
      use Symfony\Component\Security\Core\Validator\Constraint\UserPassword;
      use Symfony\Component\Security\Core\Validator\Constraint as SecurityAssert;