diff --git a/0a8096adf165e2465550bd5893d7e352544e5967.patch b/0a8096adf165e2465550bd5893d7e352544e5967.patch
new file mode 100644
index 0000000..62e6c2f
--- /dev/null
+++ b/0a8096adf165e2465550bd5893d7e352544e5967.patch
@@ -0,0 +1,155 @@
+From d729ce7c2063c0de746a7c2ea39697040d0af5bf Mon Sep 17 00:00:00 2001
+From: Min RK
+Date: Mon, 20 Jul 2015 12:10:10 -0700
+Subject: [PATCH 1/4] set mime-type on /files/
+
+---
+ IPython/html/files/handlers.py | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/IPython/html/files/handlers.py b/IPython/html/files/handlers.py
+index 7727d08..b358d94 100644
+--- a/IPython/html/files/handlers.py
++++ b/IPython/html/files/handlers.py
+@@ -40,6 +40,11 @@ def get(self, path):
+ cur_mime = mimetypes.guess_type(name)[0]
+ if cur_mime is not None:
+ self.set_header('Content-Type', cur_mime)
++ else:
++ if model['format'] == 'base64':
++ self.set_header('Content-Type', 'application/octet-stream')
++ else:
++ self.set_header('Content-Type', 'text/plain')
+
+ if model['format'] == 'base64':
+ b64_bytes = model['content'].encode('ascii')
+
+From 50a1366a8fcfb94671c87199515ebc922882f447 Mon Sep 17 00:00:00 2001
+From: Min RK
+Date: Mon, 20 Jul 2015 12:10:25 -0700
+Subject: [PATCH 2/4] set model mimetype, even when content=False
+
+---
+ IPython/html/services/contents/filemanager.py | 12 +++++++-----
+ IPython/html/services/contents/handlers.py | 3 ---
+ 2 files changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/IPython/html/services/contents/filemanager.py b/IPython/html/services/contents/filemanager.py
+index 01ce07b..c869c75 100644
+--- a/IPython/html/services/contents/filemanager.py
++++ b/IPython/html/services/contents/filemanager.py
+@@ -277,18 +277,20 @@ def _file_model(self, path, content=True, format=None):
+ model['type'] = 'file'
+
+ os_path = self._get_os_path(path)
++ model['mimetype'] = mimetypes.guess_type(os_path)[0]
+
+ if content:
+ content, format = self._read_file(os_path, format)
+- default_mime = {
+- 'text': 'text/plain',
+- 'base64': 'application/octet-stream'
+- }[format]
++ if model['mimetype'] is None:
++ default_mime = {
++ 'text': 'text/plain',
++ 'base64': 'application/octet-stream'
++ }[format]
++ model['mimetype'] = default_mime
+
+ model.update(
+ content=content,
+ format=format,
+- mimetype=mimetypes.guess_type(os_path)[0] or default_mime,
+ )
+
+ return model
+diff --git a/IPython/html/services/contents/handlers.py b/IPython/html/services/contents/handlers.py
+index 5cd849e..d77e70e 100644
+--- a/IPython/html/services/contents/handlers.py
++++ b/IPython/html/services/contents/handlers.py
+@@ -52,9 +52,6 @@ def validate_model(model, expect_content):
+ )
+
+ maybe_none_keys = ['content', 'format']
+- if model['type'] == 'file':
+- # mimetype should be populated only for file models
+- maybe_none_keys.append('mimetype')
+ if expect_content:
+ errors = [key for key in maybe_none_keys if model[key] is None]
+ if errors:
+
+From df24d9153b86863ccfa98bf509704d9304143ce1 Mon Sep 17 00:00:00 2001
+From: Min RK
+Date: Mon, 20 Jul 2015 12:11:04 -0700
+Subject: [PATCH 3/4] only redirect to editor for text documents
+
+treat unidentified mime-types as text
+---
+ IPython/html/static/tree/js/notebooklist.js | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/IPython/html/static/tree/js/notebooklist.js b/IPython/html/static/tree/js/notebooklist.js
+index 0065143..d8c7b2a 100644
+--- a/IPython/html/static/tree/js/notebooklist.js
++++ b/IPython/html/static/tree/js/notebooklist.js
+@@ -532,6 +532,13 @@ define([
+ icon = 'running_' + icon;
+ }
+ var uri_prefix = NotebookList.uri_prefixes[model.type];
++ if (model.type === 'file' &&
++ model.mimetype && model.mimetype.substr(0,5) !== 'text/'
++ ) {
++ // send text/unidentified files to editor, others go to raw viewer
++ uri_prefix = 'files';
++ }
++
+ item.find(".item_icon").addClass(icon).addClass('icon-fixed-width');
+ var link = item.find("a.item_link")
+ .attr('href',
+
+From 2b835ca6daec2592d9127dc85bf2cdcfb718edf2 Mon Sep 17 00:00:00 2001
+From: Min RK
+Date: Mon, 20 Jul 2015 12:11:23 -0700
+Subject: [PATCH 4/4] Don't redirect from /edit/ to /files/
+
+show failure to decode, instead
+---
+ 
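Review bot: The new `else` branch only fixes the fallback; whenever `mimetypes.guess_type(name)` succeeds the response type is still taken straight from the requested filename, so a file saved as `evil.html` or `evil.svg` in the notebook directory is, as far as this hunk shows, still served as active content from the notebook server's own origin. Two headers set next to `Content-Type` would narrow that: `self.set_header('X-Content-Type-Options', 'nosniff')` so the `text/plain` and `application/octet-stream` fallbacks are never sniffed into HTML by older browsers, and `self.set_header('Content-Security-Policy', 'sandbox')` so HTML or SVG served here renders in an opaque origin without script and cannot act on the server session. The `text/plain` fallback also carries no charset; if the text branch below writes the decoded `model['content']` as UTF-8 (not visible here), `'text/plain; charset=UTF-8'` makes that explicit to the browser. `get` starts before this hunk and continues after it.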
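Review bot: `model['mimetype']` is now derived purely from the extension via `mimetypes.guess_type(os_path)`, whose answer depends on the host's mime.types files and the Python version, so the same `foo.js` can report `application/javascript` on one machine and `text/javascript` on another and the API field is not stable across deployments. Nothing in the hunk records that, and the client change in patch 3 branches on exactly this value; a comment on the new assignment would spare the next reader the surprise: `# extension-only guess; varies with the host mime.types database and is None when unknown`. With `content=False` and an unrecognised extension the field is now `None` in the returned model, which is what the dropped check in the companion `validate_model` hunk accommodates. `_file_model` begins before this hunk.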
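Review bot: The `substr(0,5) !== 'text/'` test treats every non-`text/*` type as something only the raw viewer can show, so textual formats that the server reports under `application/` (`application/json`, `application/javascript`, `application/xml`) lose their editor link in the file list, while `image/svg+xml` is pointed at `/files/`, where an SVG is rendered by the browser and can carry script. Because the mimetype comes from the host's mime database (patch 2), which side of this test an extension lands on can also differ between servers. An explicit textual-type test such as `var textual = /^(text\/|application\/(json|javascript|x-javascript|xml))/.test(model.mimetype);` followed by `if (model.type === 'file' && model.mimetype && !textual) {` keeps the intent while covering those cases, and `model.mimetype.indexOf('text/') === 0` is preferable to the legacy `substr` if the prefix check is kept. The enclosing list-item builder inside `define([` starts and ends outside the hunk.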
IPython/html/static/edit/js/editor.js | 15 +++------------ + 1 file changed, 3 insertions(+), 12 deletions(-) + +diff --git a/IPython/html/static/edit/js/editor.js b/IPython/html/static/edit/js/editor.js +index dd12ea4..75d65e0 100644 +--- a/IPython/html/static/edit/js/editor.js ++++ b/IPython/html/static/edit/js/editor.js +@@ -90,19 +90,10 @@ function($, + }).catch( + function(error) { + that.events.trigger("file_load_failed.Editor", error); +- if (((error.xhr||{}).responseJSON||{}).reason === 'bad format') { +- window.location = utils.url_path_join( +- that.base_url, +- 'files', +- that.file_path +- ); +- } else { +- console.warn('Error while loading: the error was:') +- console.warn(error) +- } ++ console.warn('Error loading: ', error); + cm.setValue("Error! " + error.message + + "\nSaving disabled.\nSee Console for more details."); +- cm.setOption('readOnly','nocursor') ++ cm.setOption('readOnly','nocursor'); + that.save_enabled = false; + } + ); +@@ -186,7 +177,7 @@ function($, + Editor.prototype._clean_state = function(){ + var clean = this.codemirror.isClean(this.generation); + if (clean === this.clean){ +- return ++ return; + } else { + this.clean = clean; + } diff --git a/ipython.spec b/ipython.spec index 96f1ede..7c5108e 100644 --- a/ipython.spec +++ b/ipython.spec @@ -14,7 +14,7 @@ Name: ipython Version: 3.2.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: An enhanced interactive Python shell # See bug #603178 for a quick overview for the choice of licenses 
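Review bot: The deleted `'bad format'` branch was the path that bounced undecodable files from `/edit/` to `/files/`, and the replacement `console.warn` line leaves no trace of why there is no fallback, so a later cleanup is likely to put a convenience redirect back. A one-line comment above it would pin the decision: `// No fallback to /files/: auto-redirecting content the editor cannot decode to the raw viewer is the behaviour this change removes on purpose.` Showing `error.message` through `cm.setValue` is fine as written, since `setValue` takes document text rather than markup. The `.catch` callback and the load function around it begin before the hunk.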
@@ -28,6 +28,9 @@ Patch0: ipython-2.1.0-_jsdir-search-path.patch # Fix XSS vulnerability in notebook HTML template handling # https://bugzilla.redhat.com/show_bug.cgi?id=1259405 Patch1: https://github.com/ipython/ipython/commit/3ab41641cf6fce3860c73d5cf4645aa12e1e5892.patch +# Fix Maliciously crafted files can be executed due to wrong file type determination +# https://bugzilla.redhat.com/show_bug.cgi?id=1264067 +Patch2: https://github.com/ipython/ipython/commit/0a8096adf165e2465550bd5893d7e352544e5967.patch BuildArch: noarch BuildRequires: python-devel @@ -713,6 +716,9 @@ popd %endif # with_python3 %changelog +* Thu Sep 19 2015 Orion Poplawski - 3.2.1-3 +- Add upstream patch to fix file execution vulnerability (bug #1264068) + * Wed Sep 2 2015 Orion Poplawski - 3.2.1-2 - Add upstream patch to fix XSS vulnerability (bug #1259405)
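Review bot: `Patch2:` is declared here but no hunk in this commit touches `%prep`, so unless `%prep` already applies every declared patch via `%autosetup`/`%autopatch` (not visible in this diff) the upstream fix is fetched into SOURCES and never applied, and 3.2.1-3 ships the same `/edit/` to `/files/` redirect as 3.2.1-2; the matching line would be `%patch2 -p1` after the existing `%patch1` application. The comment cites bugzilla 1264067 while the new changelog entry cites bug #1264068; if one is the security tracker and the other the Fedora bug, naming both here avoids the appearance of a typo. That changelog entry is also dated `Thu Sep 19 2015`, but 2015-09-19 was a Saturday (the 3.2.1-2 entry's `Wed Sep 2 2015` is right), which rpmbuild reports as a bogus date.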