diff -Nru kdeplasma-addons-4.10.3/debian/changelog kdeplasma-addons-4.10.3/debian/changelog
--- kdeplasma-addons-4.10.3/debian/changelog 2013-05-27 12:25:29.000000000 +0100
+++ kdeplasma-addons-4.10.3/debian/changelog 2013-06-04 12:19:00.000000000 +0100
@@ -1,3 +1,14 @@
+kdeplasma-addons (4:4.10.3-0ubuntu0.1~ubuntu13.04.1) raring-security; urgency=low
+
+ * SECURITY UPDATE: limited randomness in password generation
+ - kubuntu_02_random_password_generator.diff: in
+ applets/paste/pastemacroexpander.cpp: use KRandom to generate
+ password to ensure best possible randomness
+ - CVE-2013-2120
+ - LP: #1179380
+
+ -- Jonathan Riddell Tue, 04 Jun 2013 12:17:11 +0100
+
 kdeplasma-addons (4:4.10.3-0ubuntu0.1~ubuntu13.04) raring-proposed; urgency=low * New upstream bugfix release (LP: #1176358)
diff -Nru kdeplasma-addons-4.10.3/debian/patches/kubuntu_02_random_password_generator.diff kdeplasma-addons-4.10.3/debian/patches/kubuntu_02_random_password_generator.diff
--- kdeplasma-addons-4.10.3/debian/patches/kubuntu_02_random_password_generator.diff 1970-01-01 01:00:00.000000000 +0100
+++ kdeplasma-addons-4.10.3/debian/patches/kubuntu_02_random_password_generator.diff 2013-06-04 12:17:03.000000000 +0100
@@ -0,0 +1,75 @@
+commit 36a1fe49cb70f717c4a6e9eeee2c9186503a8dce
+Author: Aaron Seigo
+Date: Mon Jun 3 19:16:32 2013 +0200
+
+ use KRandom, avoid modulo bias
+
+diff --git a/applets/paste/pastemacroexpander.cpp b/applets/paste/pastemacroexpander.cpp
+index ea6163f..d0a8b49 100644
+--- a/applets/paste/pastemacroexpander.cpp
++++ b/applets/paste/pastemacroexpander.cpp
+@@ -27,6 +27,7 @@
+ #include
+ #include
+ #include
++#include
+
+ class PasteMacroExpanderSingleton
+ {
+@@ -142,35 +143,49 @@ QString PasteMacroExpander::password(const QString& args)
+ << "01234567890"
+ << "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~";
+
+- int charCount;
++ int charCount = 8;
+ QString chars;
+ QString result;
+
+ if (a.count() > 0) {
+- charCount = qMax(a[0].trimmed().toInt(), 1);
+- } else {
+- charCount = 8;
++ charCount = qMax(a[0].trimmed().toInt(), 8);
+ }
++
+ if (a.count() < 2) {
+ chars = characterSets.join("");
+ }
++
+ if (a.count() > 1) {
+ chars += (a[1].trimmed() == "true") ? characterSets[0] : "";
+ }
++
+ if (a.count() > 2) {
+ chars += (a[2].trimmed() == "true") ? characterSets[1] : "";
+ }
++
+ if (a.count() > 3) {
+ chars += (a[3].trimmed() == "true") ? characterSets[2] : "";
+ }
++
+ if (a.count() > 4) {
+ chars += (a[4].trimmed() == "true") ? characterSets[3] : "";
+ }
+
+- QDateTime now = QDateTime::currentDateTime();
+- qsrand(now.toTime_t() / now.time().msec());
++ const int setSize = chars.count();
++ const int top = (RAND_MAX / setSize) * setSize;
++ kDebug() << "topping out at " << setSize << RAND_MAX << top;
+ for (int i = 0; i < charCount; ++i) {
+- result += chars[qrand() % chars.count()];
++ // to prevent modulo bias, discard random numbers at the
++ // 'top end' of INT_MAX
++ int rand = -1;
++ do {
++ if (rand > 0) {
++ kDebug() << "Ha!"
<< rand;
++ }
++ rand = KRandom::random();
++ } while (rand >= top);
++
++ result += chars[rand % setSize];
+ } //kDebug() << result;
+ return result;
diff -Nru kdeplasma-addons-4.10.3/debian/patches/series kdeplasma-addons-4.10.3/debian/patches/series
--- kdeplasma-addons-4.10.3/debian/patches/series 2013-04-05 18:31:47.000000000 +0100
+++ kdeplasma-addons-4.10.3/debian/patches/series 2013-06-04 12:17:07.000000000 +0100
@@ -1 +1,2 @@
 kubuntu_01_news_applet_name.diff
+kubuntu_02_random_password_generator.diff
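Review bot: `const int top = (RAND_MAX / setSize) * setSize;` divides by `chars.count()`, which is 0 when every character-set flag in the macro arguments is "false" (all four `chars +=` branches add nothing and the `a.count() < 2` default is skipped), so the new rejection-sampling setup crashes on division by zero where the old `% chars.count()` would have; guard it first, e.g. `if (setSize <= 0) { return result; }`, or fall back to `characterSets.join("")`. The two `kDebug()` lines, especially `kDebug() << "Ha!" << rand;`, write rejected draws and the sampling bounds to the debug log; as far as I recall KRandom::random() in kdelibs 4 is libc rand() seeded once from /dev/urandom, so when debug output is on each leaked draw helps reconstruct the generator state behind the password, and both lines should be removed rather than shipped. For the same reason the changelog's "best possible randomness" overstates the fix: it removes the time-based seed and the modulo bias, but the password still comes from a non-cryptographic generator behind a 32-bit seed, and reading the bytes straight from /dev/urandom (or another CSPRNG) would be the stronger change. The comment `// 'top end' of INT_MAX` should say RAND_MAX, the bound the code actually uses. PasteMacroExpander::password begins before this hunk, so the argument parsing that fills `a` is not visible here.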