Hi, I do not use kde4 yet, but I found official security patch (fixes CVE-2008-1670): SOURCE2=post-kde-4.0.3-khtml.diff SOURCE2_URL=$KDE_URL/security_patches/ If someone of devs use kde4 please check and commit the patch to moonbase. have a nice day, Zbigniew Luszpinski