diff -Nru kdepim-4.7.4+git111222/debian/changelog kdepim-4.7.4+git111222/debian/changelog
--- kdepim-4.7.4+git111222/debian/changelog 2012-01-11 09:49:25.000000000 -0500
+++ kdepim-4.7.4+git111222/debian/changelog 2012-07-09 15:18:17.000000000 -0400
@@ -1,3 +1,12 @@
+kdepim (4:4.7.4+git111222-0ubuntu0.2) oneiric-security; urgency=high
+
+ * SECURITY UPDATE: Disable JavaScript, Java, and Plugins by default in
+ kmail/kontact messageviewer's quote colorer (LP: #1022690)
+ * References
+ * Upstream Git dbb2f72f4745e00f53031965a9c10b2d6862bd54
+
+ -- Scott Kitterman Mon, 09 Jul 2012 15:17:43 -0400
+
 kdepim (4:4.7.4+git111222-0ubuntu0.1) oneiric-proposed; urgency=low

 * New upstream bugfix release plus git snapshot for additional bug fixing
diff -Nru kdepim-4.7.4+git111222/debian/patches/htmlquotecolorer_security.diff kdepim-4.7.4+git111222/debian/patches/htmlquotecolorer_security.diff
--- kdepim-4.7.4+git111222/debian/patches/htmlquotecolorer_security.diff 1969-12-31 19:00:00.000000000 -0500
+++ kdepim-4.7.4+git111222/debian/patches/htmlquotecolorer_security.diff 2012-07-09 15:16:50.000000000 -0400
@@ -0,0 +1,27 @@
+Description: Default JS, Java, and Plugins to disabled in html quote colerer
+ kdepim (4:4.8.4a-0ubuntu0.2) precise-security; urgency=high
+ .
+ * SECURITY UPDATE: Disable JavaScript, Java, and Plugins by default in
+ kmail/kontact messageviewer's quote colorer (LP: #1022690)
+ * References
+ * Upstream Git dbb2f72f4745e00f53031965a9c10b2d6862bd54
+Author: Scott Kitterman
+Bug-Ubuntu: https://bugs.launchpad.net/bugs/1022690
+Origin: ,
+Forwarded:
+Reviewed-By:
+Last-Update: <2012-07-09>
+
+--- kdepim-4.8.4a.orig/messageviewer/htmlquotecolorer.cpp
++++ kdepim-4.8.4a/messageviewer/htmlquotecolorer.cpp
+@@ -40,6 +40,10 @@ QString HTMLQuoteColorer::process( const
+ #ifndef KDEPIM_NO_WEBKIT
+ // Create a DOM Document from the HTML source
+ QWebPage page(0);
++ page.settings()->setAttribute( QWebSettings::JavascriptEnabled, false );
++ page.settings()->setAttribute( QWebSettings::JavaEnabled, false );
++ page.settings()->setAttribute( QWebSettings::PluginsEnabled, false );
++
+ QWebFrame *frame = page.mainFrame();
+ frame->setHtml( htmlSource );
+
diff -Nru kdepim-4.7.4+git111222/debian/patches/series kdepim-4.7.4+git111222/debian/patches/series
--- kdepim-4.7.4+git111222/debian/patches/series 2011-12-22 14:12:17.000000000 -0500
+++ kdepim-4.7.4+git111222/debian/patches/series 2012-07-09 15:17:10.000000000 -0400
@@ -2,3 +2,4 @@
 kubuntu_debianize_akregator_default.diff
 kubuntu_install_headers.diff
 fix_mem_leak_backport.diff
+htmlquotecolorer_security.diff
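Review bot: The three added `setAttribute` calls in the embedded htmlquotecolorer.cpp hunk stop script, Java and plugin execution, but the temporary `QWebPage` still receives untrusted mail HTML through `frame->setHtml( htmlSource )` with image auto-loading left at its default. If nothing outside the hunk restricts the page's network access, remote images referenced by a message could still be fetched during quote colouring, which reveals that the mail was opened. Consider adding `page.settings()->setAttribute( QWebSettings::AutoLoadImages, false );` next to the new lines, with a comment such as `// Parse-only page: never execute or fetch anything from mail content`. The body of `HTMLQuoteColorer::process` continues outside the hunk, so this is inferred from the visible lines only. Separately, the DEP-3 header leaves `Origin:` as the empty template value `,` although the changelog names upstream commit dbb2f72f4745e00f53031965a9c10b2d6862bd54; recording it there keeps the backport traceable.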