diff --git a/pkgs/development/python-modules/suds-0.4-CVE-2013-2217.patch b/pkgs/development/python-modules/suds-0.4-CVE-2013-2217.patch
new file mode 100644
index 00000000000..235fc1f928c
--- /dev/null
+++ b/pkgs/development/python-modules/suds-0.4-CVE-2013-2217.patch
@@ -0,0 +1,19 @@
+--- suds.orig/suds/cache.py	2013-06-29 16:26:16.930326017 +0200
++++ suds.orig/suds/cache.py	2013-06-29 16:02:15.000000000 +0200
+@@ -19,6 +19,7 @@ 
+ """
+ 
+ import os
++import tempfile
+ import suds
+ from tempfile import gettempdir as tmp
+ from suds.transport import *
+@@ -138,7 +139,7 @@ 
+         @type duration: {unit:value}
+         """
+         if location is None:
+-            location = os.path.join(tmp(), 'suds')
++            location = tempfile.mkdtemp()
+         self.location = location
+         self.duration = (None, 0)
+         self.setduration(**duration)
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index be3b2275e6e..63a041ffb22 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -20570,9 +20570,11 @@ let
 
     src = pkgs.fetchurl {
       url = "https://pypi.python.org/packages/source/s/suds/suds-0.4.tar.gz";
-      md5 = "b7502de662341ed7275b673e6bd73191";
+      sha256 = "1w4s9051iv90c0gs73k80c3d51y2wbx1xgfdgg2hk7mv4gjlllnm";
     };
 
+    patches = [ ../development/python-modules/suds-0.4-CVE-2013-2217.patch ];
+
     meta = with stdenv.lib; {
       description = "Lightweight SOAP client";
       homepage = https://fedorahosted.org/suds;