diff -u kdebase-3.5.2/debian/changelog kdebase-3.5.2/debian/changelog
--- kdebase-3.5.2/debian/changelog
+++ kdebase-3.5.2/debian/changelog
@@ -1,3 +1,17 @@
+kdebase (4:3.5.2-0ubuntu27.2) dapper-security; urgency=low
+
+  * SECURITY UPDATE: KDM password-less login
+  * KDM can be tricked into performing a password-less login even for accounts
+    with a password set under certain circumstances, namely autologin to be
+    configured and "shutdown with password" enabled.
+  * Add kubuntu_sec_03_kdm_pwless_login.diff for session.c to fix KDM
+    password-less and autologin configuration.
+  * References:
+    - http://www.kde.org/info/security/advisory-20070919-1.txt
+    - CVE-2007-4569
+
+ -- Richard A. Johnson <nixternal@ubuntu.com>  Thu, 20 Sep 2007 16:15:52 -0500
+
 kdebase (4:3.5.2-0ubuntu27.1) dapper-security; urgency=low
 
   * SECURITY UPDATE: konqueror address bar spoofing
only in patch2:
unchanged:
--- kdebase-3.5.2.orig/debian/patches/kubuntu_sec_03_kdm_pwless_login.diff
+++ kdebase-3.5.2/debian/patches/kubuntu_sec_03_kdm_pwless_login.diff
@@ -0,0 +1,64 @@
+diff -Nru kdebase-3.5.2.orig/kdm/backend/session.c kdebase-3.5.2/kdm/backend/session.c
+--- kdebase-3.5.2.orig/kdm/backend/session.c	2006-01-19 11:03:14.000000000 -0600
++++ kdebase-3.5.2/kdm/backend/session.c	2007-09-20 16:12:45.000000000 -0500
+@@ -121,8 +121,9 @@
+ static void
+ DoAutoLogon( void )
+ {
+-	StrDup( &curuser, td->autoUser );
+-	StrDup( &curpass, td->autoPass );
++	ReStr( &curuser, td->autoUser );
++	ReStr( &curpass, td->autoPass );
++	ReStr( &curtype, "classic" );
+ 	cursource = PWSRC_AUTOLOGIN;
+ }
+ 
+@@ -141,7 +142,9 @@
+ 		td->hstent->npass = 0;
+ 		newdmrc = td->hstent->nargs;
+ 		td->hstent->nargs = 0;
++		ReStr( &curtype, "classic" );
+ 		cursource = (td->hstent->rLogin == 1) ? PWSRC_RELOGIN : PWSRC_MANUAL;
++		return 1;
+ 	} else if (*td->autoUser && !td->autoDelay && (tdiff > 0 || td->autoAgain))
+ 	{
+ 		unsigned int lmask;
+@@ -153,11 +156,9 @@
+ 		if (lmask & ShiftMask)
+ 			return 0;
+ 		DoAutoLogon();
+-	} else {
+-		cursource = PWSRC_MANUAL;
+-		return 0;
++		return 1;
+ 	}
+-	return 1;
++	return 0;
+ }
+ 
+ 
+@@ -369,6 +370,7 @@
+ 			if (curtype) free( curtype );
+ 			curtype = GRecvStr();
+ 			Debug( " type %\"s\n", curtype );
++			cursource = PWSRC_MANUAL;
+ 			if (Verify( conv_interact, rootok )) {
+ 				Debug( " -> return success\n" );
+ 				GSendInt( V_OK );
+@@ -378,7 +380,6 @@
+ 		case G_AutoLogin:
+ 			Debug( "G_AutoLogin\n" );
+ 			DoAutoLogon();
+-			StrDup( &curtype, "classic" );
+ 			if (Verify( conv_auto, FALSE )) {
+ 				Debug( " -> return success\n" );
+ 				GSendInt( V_OK );
+@@ -565,7 +566,7 @@
+ 	tdiff = td->autoAgain ? 
+ 	           1 : time( 0 ) - td->hstent->lastExit - td->openDelay;
+ 	if (AutoLogon( tdiff )) {
+-		if (!StrDup( &curtype, "classic" ) || !Verify( conv_auto, FALSE ))
++		if (!Verify( conv_auto, FALSE ))
+ 			goto gcont;
+ 		if (greeter)
+ 			GSendInt( V_OK );