diff --git a/SOURCES/0001-gesture-action-fix-memory-corruption.patch b/SOURCES/0001-gesture-action-fix-memory-corruption.patch
new file mode 100644
index 0000000..ad54924
--- /dev/null
+++ b/SOURCES/0001-gesture-action-fix-memory-corruption.patch
@@ -0,0 +1,94 @@
+From 27fdd41e4aa8ae1c5e6a4be92a273381fac0c594 Mon Sep 17 00:00:00 2001
+From: Lionel Landwerlin
+Date: Tue, 15 Oct 2013 18:23:46 +0100
+Subject: [PATCH] gesture-action: fix memory corruption
+
+abcf1d589f29ba7914d5648bb9814ad26c13cd83 introduced a crasher because
+the 'point' variable points to a piece of memory that is being
+reallocated by the begin_gesture (by a g_array_set_size) call 5 lines
+before.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=710227
+---
+ clutter/clutter-gesture-action.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/clutter/clutter-gesture-action.c b/clutter/clutter-gesture-action.c
+index 2846227..975c5a4 100644
+--- a/clutter/clutter-gesture-action.c
++++ b/clutter/clutter-gesture-action.c
+@@ -359,65 +359,69 @@ stage_captured_event_cb (ClutterActor *stage,
+ /* we might miss a button-release event in case of grabs,
+ * so we need to check whether the button is still down
+ * during a motion event
+ */
+ if (!(mods & CLUTTER_BUTTON1_MASK))
+ {
+ cancel_gesture (action);
+ return CLUTTER_EVENT_PROPAGATE;
+ }
+ }
+ /* Follow same code path as a touch event update */
+
+ case CLUTTER_TOUCH_UPDATE:
+ if (!priv->in_gesture)
+ {
+ if (priv->points->len < priv->requested_nb_points)
+ {
+ gesture_update_motion_point (point, event);
+ return CLUTTER_EVENT_PROPAGATE;
+ }
+
+ /* Wait until the drag threshold has been exceeded
+ * before starting _TRIGGER_EDGE_AFTER gestures. */
+ if (priv->edge == CLUTTER_GESTURE_TRIGGER_EDGE_AFTER &&
+ gesture_point_pass_threshold (point, event))
+ {
+ gesture_update_motion_point (point, event);
+ return CLUTTER_EVENT_PROPAGATE;
+ }
+
+- if (!begin_gesture(action, actor))
++ if (!begin_gesture (action, actor))
+ {
+- gesture_update_motion_point (point, event);
++ if ((point = gesture_find_point (action, event, &position)) != NULL)
++ gesture_update_motion_point (point, event);
+ return CLUTTER_EVENT_PROPAGATE;
+ }
++
++ if ((point = gesture_find_point (action, event, &position)) == NULL)
++ return CLUTTER_EVENT_PROPAGATE;
+ }
+
+ gesture_update_motion_point (point, event);
+
+ g_signal_emit (action, gesture_signals[GESTURE_PROGRESS], 0, actor,
+ &return_value);
+ if (!return_value)
+ {
+ cancel_gesture (action);
+ return CLUTTER_EVENT_PROPAGATE;
+ }
+
+ /* Check if a _TRIGGER_EDGE_BEFORE gesture needs to be cancelled because
+ * the drag threshold has been exceeded. */
+ drag_threshold = gesture_get_threshold ();
+ if (priv->edge == CLUTTER_GESTURE_TRIGGER_EDGE_BEFORE &&
+ ((fabsf (point->press_y - point->last_motion_y) > drag_threshold) ||
+ (fabsf (point->press_x - point->last_motion_x) > drag_threshold)))
+ {
+ cancel_gesture (action);
+ return CLUTTER_EVENT_PROPAGATE;
+ }
+ break;
+
+ case CLUTTER_BUTTON_RELEASE:
+ case CLUTTER_TOUCH_END:
+ {
+ gesture_update_release_point (point, event);
+
+ if (priv->in_gesture &&
+--
+2.3.7
+
diff --git a/SPECS/clutter.spec b/SPECS/clutter.spec
index 40ae743..ca8f06a 100644
--- a/SPECS/clutter.spec
+++ b/SPECS/clutter.spec
@@ -2,7 +2,7 @@ Name: clutter Version: 1.14.4 -Release: 12%{?dist} +Release: 12%{?dist}.1 Summary: Open Source software library for creating rich graphical user interfaces Group: Development/Libraries
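Review bot: The two `gesture_find_point ()` re-lookups added after `begin_gesture ()` in the CLUTTER_TOUCH_UPDATE branch carry no comment saying why `point` has to be fetched again, so a later cleanup could fold them back into the stale pointer this patch removes. Above the first one I would add `/* begin_gesture() can resize priv->points (g_array_set_size), which invalidates 'point'; look it up again */`. The same pattern is worth checking further down, where `point->press_y` and `point->press_x` are read after `g_signal_emit (action, gesture_signals[GESTURE_PROGRESS], ...)` has run handlers; whether a handler can resize the array is not visible in this hunk. stage_captured_event_cb starts and ends outside the hunk.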
@@ -29,6 +29,9 @@ Patch7: Allow-setting-up-quad-buffer-stereo-output.patch # https://bugzilla.redhat.com/show_bug.cgi?id=975171 Patch8: 0001-clutter-offscreen-effect-Allocate-the-cogl-texture-d.patch +# CVE-2015-3213 - https://bugzilla.redhat.com/show_bug.cgi?id=1227103 +Patch9: 0001-gesture-action-fix-memory-corruption.patch + %define cogl_version 1.14.0-6 BuildRequires: glib2-devel mesa-libGL-devel pkgconfig pango-devel @@ -97,6 +100,7 @@ This package contains documentation for clutter. %patch6 -p1 -b .stage-sized-clip %patch7 -p1 -b .quadbuffer-stereo %patch8 -p1 -b .allocate-offscreen-effect-texture +%patch9 -p1 -b .CVE-2015-3213 %build (autoreconf; @@ -141,6 +145,10 @@ find %{buildroot} -name '*.la' -exec rm -f {} ';' %{_datadir}/gtk-doc/html/cally %changelog +* Tue Jun 02 2015 Ray Strode 1.14.4-12.1 +- Fix crash when doing gestures at unlock screen + Resolves: rhbz#1227103 + * Mon Nov 03 2014 Florian Müllner 1.14.4-12 - Include upstream patch to prevent a crash when hitting hardware limits Resolves: rhbz#1115162