diff --git a/qt5-qtwebengine.spec b/qt5-qtwebengine.spec
index 2e7d1b7..cd048c7 100644
--- a/qt5-qtwebengine.spec
+++ b/qt5-qtwebengine.spec
@@ -50,7 +50,7 @@
 Summary: Qt5 - QtWebEngine components
 Name:    qt5-qtwebengine
 Version: 5.10.1
-Release: 3%{?dist}
+Release: 4%{?dist}
 
 # See LICENSE.GPL LICENSE.LGPL LGPL_EXCEPTION.txt, for details
 # See also http://qt-project.org/doc/qt-5.0/qtdoc/licensing.html
@@ -122,6 +122,9 @@ Patch100: qtwebengine-everywhere-src-5.10.0-no-aspirational-scripts.patch
 # see the patch metadata for the list of fixed CVEs and Chromium bug IDs
 # omit the Chromium bug 806122 fix because we do not ship that FFmpeg file
 Patch101: qtwebengine-everywhere-src-5.10.1-security-5.9.5.patch
+# fix incomplete (and thus having no effect) fix for CVE-2018-6033 in 5.10.1
+# (forward-ported from 5.9.5, will also be included in 5.11)
+Patch102: qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch
 
 # handled by qt5-srpm-macros, which defines %%qt5_qtwebengine_arches
 ExclusiveArch: %{qt5_qtwebengine_arches}
@@ -372,6 +375,7 @@ BuildArch: noarch
 %patch22 -p1 -b .icu59
 %patch100 -p1 -b .no-aspirational-scripts
 %patch101 -p1 -b .security-5.9.5
+%patch102 -p1 -b .CVE-2018-6033
 # fix // in #include in content/renderer/gpu to avoid debugedit failure
 sed -i -e 's!gpu//!gpu/!g' \
   src/3rdparty/chromium/content/renderer/gpu/compositor_forwarding_message_filter.cc
@@ -577,6 +581,9 @@ done
 
 
 %changelog
+* Sun Mar 18 2018 Kevin Kofler <Kevin@tigcc.ticalc.org> - 5.10.1-4
+- Fix incomplete fix for CVE-2018-6033 in 5.10.1 (forward-ported from 5.9.5)
+
 * Sat Mar 17 2018 Kevin Kofler <Kevin@tigcc.ticalc.org> - 5.10.1-3
 - Forward-port security backports from 5.9.5 LTS (up to Chromium 65.0.3325.146)
 
diff --git a/qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch b/qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch
new file mode 100644
index 0000000..8b97a2c
--- /dev/null
+++ b/qtwebengine-everywhere-src-5.10.1-CVE-2018-6033.patch
@@ -0,0 +1,64 @@
+From 1fd21185614dcae0c7a6e5647ba56cff0120f563 Mon Sep 17 00:00:00 2001
+Message-Id: <1fd21185614dcae0c7a6e5647ba56cff0120f563.1521386919.git.kevin.kofler@chello.at>
+From: Michal Klocek <michal.klocek@qt.io>
+Date: Wed, 7 Mar 2018 18:36:25 +0100
+Subject: [PATCH] Implement IsMostRecentDownloadItemAtFilePath call
+
+Implement IsMostRecentDownloadItemAtFilePath
+for download_manager_delegate_qt. This is required for
+CVE-2018-6033.
+
+Change-Id: I9f48dfa159d684f0fda894e68b81ff622aceaae2
+Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
+---
+ src/core/download_manager_delegate_qt.cpp | 20 ++++++++++++++++++++
+ src/core/download_manager_delegate_qt.h   |  2 ++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/src/core/download_manager_delegate_qt.cpp b/src/core/download_manager_delegate_qt.cpp
+index 40df9b3a..487a831e 100644
+--- a/src/core/download_manager_delegate_qt.cpp
++++ b/src/core/download_manager_delegate_qt.cpp
+@@ -293,6 +293,26 @@ void DownloadManagerDelegateQt::ChooseSavePath(content::WebContents *web_content
+                             m_weakPtrFactory.GetWeakPtr()));
+ }
+ 
++bool DownloadManagerDelegateQt::IsMostRecentDownloadItemAtFilePath(content::DownloadItem *download)
++{
++    content::BrowserContext *context = download->GetBrowserContext();
++    std::vector<content::DownloadItem*> all_downloads;
++
++    content::DownloadManager* manager =
++            content::BrowserContext::GetDownloadManager(context);
++    if (manager)
++        manager->GetAllDownloads(&all_downloads);
++
++    for (const auto* item : all_downloads) {
++        if (item->GetGuid() == download->GetGuid() ||
++                item->GetTargetFilePath() != download->GetTargetFilePath())
++            continue;
++        if (item->GetState() == content::DownloadItem::IN_PROGRESS)
++            return false;
++    }
++    return true;
++}
++
+ void DownloadManagerDelegateQt::savePackageDownloadCreated(content::DownloadItem *item)
+ {
+     OnDownloadUpdated(item);
+diff --git a/src/core/download_manager_delegate_qt.h b/src/core/download_manager_delegate_qt.h
+index df43211e..7563d5d3 100644
+--- a/src/core/download_manager_delegate_qt.h
++++ b/src/core/download_manager_delegate_qt.h
+@@ -81,6 +81,8 @@ public:
+                         const base::FilePath::StringType &default_extension,
+                         bool can_save_as_complete,
+                         const content::SavePackagePathPickedCallback &callback) override;
++    bool IsMostRecentDownloadItemAtFilePath(content::DownloadItem* download) override;
++
+ 
+     void cancelDownload(quint32 downloadId);
+     void pauseDownload(quint32 downloadId);
+-- 
+2.14.3
+