diff --git a/extra/kdelibs/PKGBUILD b/extra/kdelibs/PKGBUILD
index 61e07b43f..1f0169a99 100644
--- a/extra/kdelibs/PKGBUILD
+++ b/extra/kdelibs/PKGBUILD
@@ -7,7 +7,7 @@
 
 pkgname=kdelibs
 pkgver=4.13.3
-pkgrel=1
+pkgrel=2
 pkgdesc="KDE Core Libraries"
 arch=('i686' 'x86_64')
 url='https://projects.kde.org/projects/kde/kdelibs'
@@ -21,13 +21,14 @@ install=${pkgname}.install
 source=("http://download.kde.org/stable/${pkgver}/src/${pkgname}-${pkgver}.tar.xz"
         'kde-applications-menu.patch' 'archlinux-menu.patch' 'qt4.patch'
         'arm-coronaoffscreen-input-fixes.diff'
-        'pyqt.patch')
+        'pyqt.patch' 'kdelibs-cve-2014-5033.patch')
 sha1sums=('9c0e963fa2db119ac37e15f31c05d18d3043a58e'
           '86ee8c8660f19de8141ac99cd6943964d97a1ed7'
           '63a850ab4196b9d06934f2b4a13acd9f7739bc67'
           'ed1f57ee661e5c7440efcaba7e51d2554709701c'
           '855150096763600c970aa307c8241b96da33b9ed'
-          'c8b4010c68cee6352a68d97da3d5316f52207e83')
+          'c8b4010c68cee6352a68d97da3d5316f52207e83'
+          '9c808a7e382f59d730a4ced06ef88165f3d87eec')
 
 prepare() {
        mkdir build
@@ -43,6 +44,8 @@ prepare() {
 
        # support newer PyQt build system
        patch -p1 -i "${srcdir}"/pyqt.patch
+
+       patch -p1 -i "${srcdir}/kdelibs-cve-2014-5033.patch"
 }
 
 build() {
diff --git a/extra/kdelibs/kdelibs-cve-2014-5033.patch b/extra/kdelibs/kdelibs-cve-2014-5033.patch
new file mode 100644
index 000000000..c85eccd6b
--- /dev/null
+++ b/extra/kdelibs/kdelibs-cve-2014-5033.patch
@@ -0,0 +1,36 @@
+--- a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
++++ b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+@@ -144,7 +144,7 @@
+ 
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+-    PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++    PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+     PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+                                                                                               PolkitQt1::Authority::None);
+     switch (r) {
+@@ -160,21 +160,12 @@
+ 
+ QByteArray Polkit1Backend::callerID() const
+ {
+-    QByteArray a;
+-    QDataStream s(&a, QIODevice::WriteOnly);
+-    s << QCoreApplication::applicationPid();
+-
+-    return a;
++    return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+ 
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+-    QDataStream s(&callerID, QIODevice::ReadOnly);
+-    qint64 pid;
+-
+-    s >> pid;
+-
+-    PolkitQt1::UnixProcessSubject subject(pid);
++    PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+     PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+ 
+     PolkitResultEventLoop e;
+