diff --git a/openssh-6.6.1p1-coverity.patch b/openssh-6.6.1p1-coverity.patch index 9f71f9c..5ff67b8 100644 --- a/openssh-6.6.1p1-coverity.patch +++ b/openssh-6.6.1p1-coverity.patch @@ -168,15 +168,6 @@ diff --git a/progressmeter.c b/progressmeter.c index bbbc706..ae6d1aa 100644 --- a/progressmeter.c +++ b/progressmeter.c -@@ -65,7 +65,7 @@ static void update_progress_meter(int); - - static time_t start; /* start progress */ - static time_t last_update; /* last progress update */ --static char *file; /* name of the file being transferred */ -+static const char *file; /* name of the file being transferred */ - static off_t start_pos; /* initial position of transfer */ - static off_t end_pos; /* ending position of transfer */ - static off_t cur_pos; /* transfer position as of last refresh */ @@ -248,7 +248,7 @@ update_progress_meter(int ignore) } @@ -185,7 +176,7 @@ index bbbc706..ae6d1aa 100644 +start_progress_meter(const char *f, off_t filesize, off_t *ctr) { start = last_update = monotime(); - file = f; + if (strlen(f) > file_len) { diff --git a/progressmeter.h b/progressmeter.h index 10bab99..e9ca8f0 100644 --- a/progressmeter.h diff --git a/openssh-6.6.1p1-utf8-banner.patch b/openssh-6.6.1p1-utf8-banner.patch index 1ab8ade..14f29e1 100644 --- a/openssh-6.6.1p1-utf8-banner.patch +++ b/openssh-6.6.1p1-utf8-banner.patch @@ -15,78 +15,24 @@ diff --git a/misc.h b/misc.h index d4df619..d98b83d 100644 --- a/misc.h 
+++ b/misc.h -@@ -106,4 +106,7 @@ char *read_passphrase(const char *, int); +@@ -135,4 +135,8 @@ char *read_passphrase(const char *, int) int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2))); int read_keyfile_line(FILE *, const char *, char *, size_t, u_long *); +/* utf8_stringprep.c */ +int utf8_stringprep(const char *, char *, size_t); ++void sanitize_utf8(char *, const char *, size_t); + #endif /* _MISC_H */ -diff --git a/sshconnect2.c b/sshconnect2.c -index b00658b..08064f4 100644 ---- a/sshconnect2.c -+++ b/sshconnect2.c -@@ -33,6 +33,8 @@ - - #include - #include -+#include -+#include - #include - #include - #include -@@ -519,21 +521,51 @@ input_userauth_error(int type, u_int32_t seq, void *ctxt) - "type %d", type); - } - -+/* Check whether we can display UTF-8 safely */ -+static int -+utf8_ok(void) -+{ -+ static int ret = -1; -+ char *cp; -+ -+ if (ret == -1) { -+ setlocale(LC_CTYPE, ""); -+ cp = nl_langinfo(CODESET); -+ ret = strcmp(cp, "UTF-8") == 0; -+ } -+ return ret; -+} -+ - /* ARGSUSED */ - void - input_userauth_banner(int type, u_int32_t seq, void *ctxt) - { - char *msg, *raw, *lang; -- u_int len; -+ u_int done, len; - - debug3("input_userauth_banner"); -+ - raw = packet_get_string(&len); - lang = packet_get_string(NULL); - if (len > 0 && options.log_level >= SYSLOG_LEVEL_INFO) { +diff -up openssh-6.8p1/sshconnect2.c.utf8-banner openssh-6.8p1/sshconnect2.c +--- openssh-6.8p1/sshconnect2.c.utf8-banner 2015-03-18 12:41:28.161713220 +0100 ++++ openssh-6.8p1/sshconnect2.c 2015-03-18 12:44:05.483317714 +0100 +@@ -532,7 +534,7 @@ input_userauth_error(int type, u_int32_t if (len > 65536) len = 65536; msg = xmalloc(len * 4 + 1); /* max expansion from strnvis() */ - strnvis(msg, raw, len * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); -+ done = 0; -+ if (utf8_ok()) { -+ if (utf8_stringprep(raw, msg, len * 4 + 1) == 0) -+ done = 1; -+ else -+ debug2("%s: UTF8 stringprep failed", __func__); -+ } -+ /* -+ * Fallback to strnvis if UTF8 display not 
supported or -+ * conversion failed. -+ */ -+ if (!done) { -+ strnvis(msg, raw, len * 4 + 1, -+ VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); -+ } ++ sanitize_utf8(msg, raw, len); fprintf(stderr, "%s", msg); free(msg); } @@ -757,12 +703,10 @@ index 0000000..49f4d9d + { 0xE0020, 0xE007F }, +}; + -diff --git a/utf8_stringprep.c b/utf8_stringprep.c -new file mode 100644 -index 0000000..bcafae7 ---- /dev/null -+++ b/utf8_stringprep.c -@@ -0,0 +1,229 @@ +diff -up openssh-6.8p1/utf8_stringprep.c.utf8-banner openssh-6.8p1/utf8_stringprep.c +--- openssh-6.8p1/utf8_stringprep.c.utf8-banner 2015-03-18 12:41:28.175713185 +0100 ++++ openssh-6.8p1/utf8_stringprep.c 2015-03-18 12:41:28.175713185 +0100 +@@ -0,0 +1,265 @@ +/* + * Copyright (c) 2013 Damien Miller + * @@ -803,8 +747,12 @@ index 0000000..bcafae7 +#include +#include +#include ++#include ++#include + ++#include "includes.h" +#include "misc.h" ++#include "log.h" + +struct u32_range { + u_int32_t lo, hi; /* Inclusive */ @@ -992,3 +940,35 @@ index 0000000..bcafae7 + return 0; +} + ++/* Check whether we can display UTF-8 safely */ ++int ++utf8_ok(void) ++{ ++ static int ret = -1; ++ char *cp; ++ ++ if (ret == -1) { ++ setlocale(LC_CTYPE, ""); ++ cp = nl_langinfo(CODESET); ++ ret = strcmp(cp, "UTF-8") == 0; ++ } ++ return ret; ++} ++ ++void ++sanitize_utf8(char *target, const char *source, size_t length) ++{ ++ u_int done = 0; ++ if (utf8_ok()) { ++ if (utf8_stringprep(source, target, length * 4 + 1) == 0) ++ done = 1; ++ else ++ debug2("%s: UTF8 stringprep failed", __func__); ++ } ++ /* ++ * Fallback to strnvis if UTF8 display not supported or ++ * conversion failed. ++ */ ++ if (!done) ++ strnvis(target, source, length * 4 + 1, VIS_SAFE|VIS_OCTAL|VIS_NOSLASH); ++} diff --git a/openssh-6.6p1-fips.patch b/openssh-6.6p1-fips.patch index f97e2ba..67fe1d9 100644 --- a/openssh-6.6p1-fips.patch +++ b/openssh-6.6p1-fips.patch 
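Review bot: `sanitize_utf8()` takes a `length` argument but lets `utf8_stringprep()` and `strnvis()` write up to `length * 4 + 1` bytes into `target`, and neither the definition nor the new `misc.h` prototype says so. The `sshconnect2.c` hunk satisfies this (`msg = xmalloc(len * 4 + 1)` before `sanitize_utf8(msg, raw, len)`), but a caller that passes the size of its own buffer as `length` would be written well past its end. A contract comment above the function would prevent that: `/* target must hold at least length * 4 + 1 bytes; length is the source length, not the size of target */`. Separately, `utf8_ok()` lost its `static` in the move and this commit adds no prototype for it to `misc.h`; unless something outside this diff calls it, it should stay `static int`.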
@@ -13,8 +13,8 @@ index 3bb7f00..294bef5 100644 - $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) + $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat -lfipscheck $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS) - scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o - $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) + scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o utf8_stringprep.o + $(LD) -o $@ scp.o progressmeter.o bufaux.o utf8_stringprep.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o - $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS) diff --git a/openssh-6.6p1-scp-progressmeter.patch b/openssh-6.6p1-scp-progressmeter.patch new file mode 100644 index 0000000..d2e5bb9 --- /dev/null +++ b/openssh-6.6p1-scp-progressmeter.patch 
@@ -0,0 +1,38 @@
+diff -up openssh-6.6p1/Makefile.in.progressmeter openssh-6.6p1/Makefile.in
+--- openssh-6.6p1/Makefile.in.progressmeter 2015-07-28 14:22:08.740278100 +0200
++++ openssh-6.6p1/Makefile.in 2015-07-28 14:22:08.769278063 +0200
+@@ -158,8 +158,8 @@ ssh$(EXEEXT): $(LIBCOMPAT) libssh.a $(SS
+ sshd$(EXEEXT): libssh.a $(LIBCOMPAT) $(SSHDOBJS)
+ $(LD) -o $@ $(SSHDOBJS) $(LDFLAGS) -lssh -lopenbsd-compat $(SSHDLIBS) $(LIBS) $(GSSLIBS) $(K5LIBS)
+
+-scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o
+- $(LD) -o $@ scp.o progressmeter.o bufaux.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
++scp$(EXEEXT): $(LIBCOMPAT) libssh.a scp.o progressmeter.o utf8_stringprep.o
++ $(LD) -o $@ scp.o progressmeter.o bufaux.o utf8_stringprep.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+
+ ssh-add$(EXEEXT): $(LIBCOMPAT) libssh.a ssh-add.o
+ $(LD) -o $@ ssh-add.o $(LDFLAGS) -lssh -lopenbsd-compat $(LIBS)
+diff -up openssh-6.6p1/progressmeter.c.progressmeter openssh-6.6p1/progressmeter.c
+--- openssh-6.6p1/progressmeter.c.progressmeter 2015-07-28 14:22:08.768278064 +0200
++++ openssh-6.6p1/progressmeter.c 2015-07-28 14:23:51.464143827 +0200
+@@ -66,6 +66,7 @@ static void update_progress_meter(int);
+ static time_t start; /* start progress */
+ static time_t last_update; /* last progress update */
+ static char *file; /* name of the file being transferred */
++static size_t file_len = 0; /* allocated length of file */
+ static off_t start_pos; /* initial position of transfer */
+ static off_t end_pos; /* ending position of transfer */
+ static off_t cur_pos; /* transfer position as of last refresh */
+@@ -251,7 +252,11 @@ void
+ start_progress_meter(char *f, off_t filesize, off_t *ctr)
+ {
+ start = last_update = monotime();
+- file = f;
++ if (strlen(f) > file_len) {
++ file_len = strlen(f);
++ file = realloc(file, file_len * 4 + 1);
++ }
++ sanitize_utf8(file, f, file_len);
+ start_pos = *ctr;
+ end_pos = filesize;
+ cur_pos = 0;
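Review bot: The `realloc()` result in `start_progress_meter()` is assigned straight to `file` without a check, so on allocation failure the old buffer is leaked, `file` becomes NULL with `file_len` already raised, and `sanitize_utf8()` then writes through NULL. The same NULL target is reached on the first call if `f` is the empty string, because `strlen(f) > file_len` is false while `file` is still its static-initial NULL; whether scp can pass an empty name is not visible from this hunk. This path sanitizes a name before it is printed to the terminal, so it should fail closed: allocate when `file == NULL` as well, go through a temporary, and abort on failure. The sketch uses `fatal()`, assuming `log.h` is available in `progressmeter.c`, and the function body continues past the end of the hunk.

```c
start_progress_meter(char *f, off_t filesize, off_t *ctr)
{
	size_t need = strlen(f);
	char *tmp;

	start = last_update = monotime();
	/* file_len is the longest name seen so far; the buffer holds file_len * 4 + 1 bytes */
	if (file == NULL || need > file_len) {
		tmp = realloc(file, need * 4 + 1);
		if (tmp == NULL)
			fatal("%s: realloc failed", __func__);
		file = tmp;
		file_len = need;
	}
	sanitize_utf8(file, f, file_len);
	/* … unchanged: start_pos / end_pos / cur_pos setup … */
```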
diff --git a/openssh.spec b/openssh.spec
index 983bb91..cf1509e 100644
--- a/openssh.spec
+++ b/openssh.spec
@@ -232,6 +232,8 @@ Patch922: openssh-6.7p1-ssh-copy-id-truncated-keys.patch
 Patch923: openssh-6.6p1-security-from-6.9.patch
 # authentication limits (MaxAuthTries) bypass [security] (#1245971)
 Patch924: openssh-6.6p1-authentication-limits-bypass.patch
+# Handle terminal control characters in scp progressmeter (#1247204)
+Patch925: openssh-6.6p1-scp-progressmeter.patch
 License: BSD
 Group: Applications/Internet
@@ -449,6 +451,7 @@ popd
 %patch922 -p1 -b .newline
 %patch923 -p1 -b .security
 %patch924 -p1 -b .kbd
+%patch925 -p1 -b .progressmeter
 %patch200 -p1 -b .audit
 %patch201 -p1 -b .audit-fps