diff --git a/SOURCES/openscap-1.2.12-oscap-docker-incompliance.patch b/SOURCES/openscap-1.2.12-oscap-docker-incompliance.patch
new file mode 100644
index 0000000..5621480
--- /dev/null
+++ b/SOURCES/openscap-1.2.12-oscap-docker-incompliance.patch
@@ -0,0 +1,44 @@
+From 5ffdcf51b500494ac235a6a0160c126fc6f2144c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
+Date: Mon, 24 Oct 2016 10:30:07 +0200
+Subject: [PATCH] Issue#475: RHBZ#1387248: Fix oscap-docker reporting
+ incompliance
+
+Compliance scan of a Docker image/container using oscap-docker reported
+incorrectly that there had been an error even if scan had been successful
+but incompliance of the assessed system had been found.
+---
+ utils/oscap_docker_python/oscap_docker_util.py | 14 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/utils/oscap_docker_python/oscap_docker_util.py b/utils/oscap_docker_python/oscap_docker_util.py
+index 210ac57..8ca31b5 100644
+--- a/utils/oscap_docker_python/oscap_docker_util.py
++++ b/utils/oscap_docker_python/oscap_docker_util.py
+@@ -119,19 +119,19 @@ def oscap_chroot(self, target, image, chroot_path, *oscap_args):
+         os.environ["OSCAP_PROBE_"
+                    "PRIMARY_HOST_NAME"] = "{0}-{1}".format(target, image)
+         cmd = ['oscap'] + [x for x in oscap_args]
+-        try:
+-            run = subprocess.check_output(cmd)
+-        except Exception as error:
+-            print("\nCommand: {0} failed!\n".format(" ".join(cmd)))
+-            print("Error was:\n")
+-            print(error)
++        oscap_process = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
++        oscap_stdout, oscap_stderr = oscap_process.communicate()
++        if oscap_process.returncode not in [0, 2]:
++            sys.stderr.write("\nCommand: {0} failed!\n".format(" ".join(cmd)))
++            sys.stderr.write("Command returned exit code {0}.\n".format(oscap_process.returncode))
++            sys.stderr.write(oscap_stderr.decode("utf-8") + "\n")
+ 
+             # Clean up
+             self._cleanup_by_path(chroot_path)
+ 
+             sys.exit(1)
+ 
+-        return run.decode("utf-8")
++        return oscap_stdout.decode("utf-8")
+ 
+     def _scan_cve(self, chroot, dist, scan_args):
+         '''
diff --git a/SPECS/openscap.spec b/SPECS/openscap.spec
index cd9fd7a..cb28f0c 100644
--- a/SPECS/openscap.spec
+++ b/SPECS/openscap.spec
@@ -6,13 +6,14 @@ restorecon -R /usr/bin/oscap /usr/libexec/openscap; \
 
 Name:           openscap
 Version:        1.2.10
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Set of open source libraries enabling integration of the SCAP line of standards
 Group:          System Environment/Libraries
 License:        LGPLv2+
 URL:            http://www.open-scap.org/
 Source0:        http://fedorahosted.org/releases/o/p/openscap/%{name}-%{version}.tar.gz
 Patch1:         openscap-1.2.10-oscap-docker-urllib.patch
+Patch2:         openscap-1.2.12-oscap-docker-incompliance.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires:  swig libxml2-devel libxslt-devel perl-XML-Parser
 BuildRequires:  rpm-devel
@@ -117,6 +118,7 @@ for developing applications that use %{name}-engine-sce.
 %prep
 %setup -q
 %patch1 -p1
+%patch2 -p1
 
 %build
 %ifarch sparc64
@@ -256,6 +258,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/libopenscap_sce.so.*
 
 %changelog
+* Thu Jan 05 2017 Raphael Sanchez Prudencio <rsprudencio@redhat.com> - 1.2.10-3
+- fix oscap-docker bug that incorrectly informs about incompliance of the assessed system (#1410409)
+
 * Mon Sep 05 2016 Jan Černý <jcerny@redhat.com> - 1.2.10-2
 - fix oscap-docker to follow the proxy settings (#1351952)