diff --git a/pkgs/desktops/kde-4.12/kdelibs/kdelibs.nix b/pkgs/desktops/kde-4.12/kdelibs/kdelibs.nix
index 396adf9ba75..1698abfd00f 100644
--- a/pkgs/desktops/kde-4.12/kdelibs/kdelibs.nix
+++ b/pkgs/desktops/kde-4.12/kdelibs/kdelibs.nix
@@ -4,7 +4,7 @@
 , automoc4, soprano, qca2, attica, enchant, libdbusmenu_qt, grantlee
 , docbook_xml_dtd_42, docbook_xsl, polkit_qt_1, acl, attr, libXtst
 , udev, herqq, phonon, libjpeg, xz, ilmbase, libxslt
-, pkgconfig
+, pkgconfig, fetchpatch
 }:
 
 kde {
@@ -28,7 +28,15 @@ kde {
   # There are a few hardcoded paths.
   # Split plugins from libs?
 
-  patches = [ ../files/polkit-install.patch ];
+  patches = [
+    ../files/polkit-install.patch
+    (fetchpatch {
+      name = "CVE-2014-5033.patch";
+      url = "http://quickgit.kde.org/?p=kdelibs.git"
+        + "&a=commit&h=e4e7b53b71e2659adaf52691d4accc3594203b23";
+      sha256 = "0mdqa9w1p6cmli6976v4wi0sw9r4p5prkj7lzfd1877wk11c9c73";
+    })
+  ];
 
   cmakeFlags = [
     "-DDOCBOOKXML_CURRENTDTD_DIR=${docbook_xml_dtd_42}/xml/dtd/docbook"