diff --git a/qt-x11-free-3.3.8b-CVE-2013-4549.patch b/qt-x11-free-3.3.8b-CVE-2013-4549.patch
index 65351de..09e3a83 100644
--- a/qt-x11-free-3.3.8b-CVE-2013-4549.patch
+++ b/qt-x11-free-3.3.8b-CVE-2013-4549.patch
@@ -1,6 +1,6 @@
 diff -ur qt-x11-free-3.3.8b/src/xml/qxml.cpp qt-x11-free-3.3.8b-CVE-2013-4549/src/xml/qxml.cpp
 --- qt-x11-free-3.3.8b/src/xml/qxml.cpp 2008-01-15 20:09:13.000000000 +0100
-+++ qt-x11-free-3.3.8b-CVE-2013-4549/src/xml/qxml.cpp 2013-12-06 00:49:26.000000000 +0100
++++ qt-x11-free-3.3.8b-CVE-2013-4549/src/xml/qxml.cpp 2014-01-13 21:03:14.000000000 +0100
 @@ -4529,6 +4529,11 @@
 }
 break;
@@ -60,7 +60,7 @@ diff -ur qt-x11-free-3.3.8b/src/xml/qxml.cpp qt-x11-free-3.3.8b-CVE-2013-4549/sr
 +
 + if (expandedSizes[entity] > entityCharacterLimit) {
 + if (errorMessage) {
-+ *errorMessage = QString::fromLatin1("The XML entity \"%1\" expands too a string that is too large to process (%2 characters > %3).");
++ *errorMessage = QString::fromLatin1("The XML entity \"%1\" expands to a string that is too large to process (%2 characters > %3).");
 + *errorMessage = (*errorMessage).arg(entity).arg(expandedSizes[entity]).arg(entityCharacterLimit);
 + }
 + return TRUE;
@@ -87,7 +87,7 @@ diff -ur qt-x11-free-3.3.8b/src/xml/qxml.cpp qt-x11-free-3.3.8b-CVE-2013-4549/sr
 if ( !declHnd->internalEntityDecl( name(), string() ) ) {
 diff -ur qt-x11-free-3.3.8b/src/xml/qxml.h qt-x11-free-3.3.8b-CVE-2013-4549/src/xml/qxml.h
 --- qt-x11-free-3.3.8b/src/xml/qxml.h 2008-01-15 20:09:13.000000000 +0100
-+++ qt-x11-free-3.3.8b-CVE-2013-4549/src/xml/qxml.h 2013-12-05 23:53:14.000000000 +0100
++++ qt-x11-free-3.3.8b-CVE-2013-4549/src/xml/qxml.h 2014-01-13 21:03:02.000000000 +0100
 @@ -307,6 +307,12 @@
 QXmlSimpleReaderPrivate* d;
 
@@ -96,7 +96,7 @@ diff -ur qt-x11-free-3.3.8b/src/xml/qxml.h qt-x11-free-3.3.8b-CVE-2013-4549/src/
 + // for the DTD currently being parsed.
 + static const uint dtdRecursionLimit = 2U;
 + // The maximum amount of characters an entity value may contain, after expansion.
-+ static const uint entityCharacterLimit = 1024U;
++ static const uint entityCharacterLimit = 65536U;
 +
 const QString &string();
 void stringClear();
diff --git a/qt3.spec b/qt3.spec
index 9da786a..42d3c60 100644
--- a/qt3.spec
+++ b/qt3.spec
@@ -6,7 +6,7 @@
 Name: qt3
 Summary: The shared library for the Qt 3 GUI toolkit
 Version: 3.3.8b
-Release: 54%{?dist}
+Release: 55%{?dist}
 License: QPL or GPLv2 or GPLv3
 Group: System Environment/Libraries
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -630,6 +630,10 @@ rm -rf %{buildroot}
 %changelog
+* Mon Jan 13 2014 Kevin Kofler - 3.3.8b-55
+- fix QTBUG-35459 (too low entityCharacterLimit=1024 for CVE-2013-4549)
+- fix QTBUG-35460 (error message for CVE-2013-4549 is misspelled)
+
 * Thu Dec 05 2013 Kevin Kofler - 3.3.8b-54
 - backport CVE-2013-4549 fix from Qt 4
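Review bot: The comment on `entityCharacterLimit` in the `@@ -96,7 +96,7 @@` hunk (the qxml.h part of the CVE-2013-4549 patch) still does not say what the cap protects against or why 65536 was chosen, and after a 64-fold increase that rationale is what a later maintainer will need. As the qxml.cpp hunk shows, the check is `expandedSizes[entity] > entityCharacterLimit`, i.e. per entity; nothing visible here bounds the total expanded size of a document, so the comment should say so rather than read as a global limit. I would reword it to something like `// Per-entity cap on expanded length (entity-expansion DoS, CVE-2013-4549); raised from 1024 for QTBUG-35459. Not a bound on total document expansion.` and record in the changelog entry whether 65536 matches the value chosen upstream. The class that declares these constants starts and ends outside the hunk.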