diff --git a/gimp-CVE-2012-3236.patch b/gimp-CVE-2012-3236.patch
new file mode 100644
index 0000000..5199857
--- /dev/null
+++ b/gimp-CVE-2012-3236.patch
@@ -0,0 +1,38 @@
+From 0474376d234bc3d0901fd5e86f89d778a6473dd8 Mon Sep 17 00:00:00 2001
+From: Michael Natterer <mitch@gimp.org>
+Date: Wed, 06 Jun 2012 19:21:10 +0000
+Subject: Bug 676804 - file handling DoS for fit file format
+
+Apply patch from joe@reactionis.co.uk which fixes a buffer overflow on
+broken/malicious fits files.
+(cherry picked from commit ace45631595e8781a1420842582d67160097163c)
+---
+diff --git a/plug-ins/file-fits/fits-io.c b/plug-ins/file-fits/fits-io.c
+index 03d9652..ed77318 100644
+--- a/plug-ins/file-fits/fits-io.c
++++ b/plug-ins/file-fits/fits-io.c
+@@ -1054,10 +1054,18 @@ static FITS_HDU_LIST *fits_decode_header (FITS_RECORD_LIST *hdr,
+  hdulist->used.simple = (strncmp (hdr->data, "SIMPLE  ", 8) == 0);
+  hdulist->used.xtension = (strncmp (hdr->data, "XTENSION", 8) == 0);
+  if (hdulist->used.xtension)
+- {
+-   fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring);
+-   strcpy (hdulist->xtension, fdat->fstring);
+- }
++   {
++     fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring);
++     if (fdat != NULL)
++       {
++         strcpy (hdulist->xtension, fdat->fstring);
++       }
++     else
++       {
++         strcpy (errmsg, "No valid XTENSION header found.");
++         goto err_return;
++       }
++   }
+ 
+  FITS_DECODE_CARD (hdr, "NAXIS", fdat, typ_flong);
+  hdulist->naxis = fdat->flong;
+--
+cgit v0.9.0.2
diff --git a/gimp.changes b/gimp.changes
index 2275e28..024310e 100644
--- a/gimp.changes
+++ b/gimp.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Jun 25 09:51:07 CEST 2012 - vuntz@opensuse.org
+
+- Add gimp-CVE-2012-3236.patch: fix crash in file handling for fit
+  files. Fix CVE-2012-3236, bnc#768376.
+
 -------------------------------------------------------------------
 Mon May 14 13:05:34 UTC 2012 - vuntz@opensuse.org
 
diff --git a/gimp.spec b/gimp.spec
index 63723dc..298eebb 100644
--- a/gimp.spec
+++ b/gimp.spec
@@ -81,6 +81,8 @@ Source1:        macros.gimp
 # openSUSE palette file
 Source2:        openSUSE.gpl
 Source99:       baselibs.conf
+# PATCH-FIX-UPSTREAM gimp-CVE-2012-3236.patch bnc#768376 bgo#676804 CVE-2012-3236 vuntz@opensuse.org -- Fix crash in file handling for fit files, taken from git
+Patch0:         gimp-CVE-2012-3236.patch
 Requires:       %{name}-branding = %{version}
 Recommends:     %{name}-lang
 Recommends:     %{name}-help-browser
@@ -246,6 +248,7 @@ translation-update-upstream po-python gimp20-python
 translation-update-upstream po-script-fu gimp20-script-fu
 translation-update-upstream po-plug-ins gimp20-std-plug-ins
 translation-update-upstream po-tips gimp20-tips
+%patch0 -p1
 # Safety check for ABI version change.
 vabi=`printf "%d" $(sed -n '/#define GIMP_MODULE_ABI_VERSION/{s/.* //;p}' libgimpmodule/gimpmodule.h)`
 if test "x${vabi}" != "x%{abiver}"; then