diff --git a/policy/modules/admin/logwatch.te b/policy/modules/admin/logwatch.te
index 4f569278..02db5ae7 100644
--- a/policy/modules/admin/logwatch.te
+++ b/policy/modules/admin/logwatch.te
@@ -1,5 +1,5 @@
-policy_module(logwatch,1.5.1)
+policy_module(logwatch,1.5.2)
 #################################
 #
@@ -29,7 +29,6 @@ allow logwatch_t self:capability { dac_override dac_read_search setgid };
 allow logwatch_t self:process signal;
 allow logwatch_t self:fifo_file rw_file_perms;
 allow logwatch_t self:unix_stream_socket create_stream_socket_perms;
-allow logwatch_t self:netlink_route_socket r_netlink_socket_perms;
 manage_dirs_pattern(logwatch_t,logwatch_cache_t,logwatch_cache_t)
 manage_files_pattern(logwatch_t,logwatch_cache_t,logwatch_cache_t)
@@ -73,6 +72,9 @@ term_dontaudit_list_ptys(logwatch_t)
 auth_dontaudit_read_shadow(logwatch_t)
+init_read_utmp(logwatch_t)
+init_dontaudit_write_utmp(logwatch_t)
+
 libs_use_ld_so(logwatch_t)
 libs_use_shared_libs(logwatch_t)
 libs_read_lib_files(logwatch_t)
@@ -95,6 +97,10 @@ optional_policy(`
 apache_read_log(logwatch_t)
 ')
+optional_policy(`
+ auth_use_nsswitch(logwatch_t)
+')
+
 optional_policy(`
 avahi_dontaudit_search_pid(logwatch_t)
 ')
@@ -116,14 +122,6 @@ optional_policy(`
 mta_getattr_spool(logwatch_t)
 ')
-optional_policy(`
- nis_use_ypbind(logwatch_t)
-')
-
-optional_policy(`
- nscd_socket_use(logwatch_t)
-')
-
 optional_policy(`
 ntp_domtrans(logwatch_t)
 ')
diff --git a/policy/modules/apps/usernetctl.te b/policy/modules/apps/usernetctl.te
index 72aa5af5..76e81866 100644
--- a/policy/modules/apps/usernetctl.te
+++ b/policy/modules/apps/usernetctl.te
@@ -1,21 +1,11 @@
-policy_module(usernetctl,1.1.1)
+policy_module(usernetctl,1.1.2)
 ########################################
 #
 # Declarations
 #
-ifdef(`strict_policy',`
-##
-##
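Review bot: In logwatch.te the new `auth_use_nsswitch(logwatch_t)` call (hunk -95,6) is wrapped in `optional_policy`, while the same commit calls `auth_use_nsswitch(iptables_t)` unconditionally in iptables.te; one form should be used for both. The -29,7 hunk drops the explicit `netlink_route_socket` rule and the -116,14 hunk drops the NIS and nscd blocks, so all of logwatch_t's name-service access now depends on what that one interface grants, which is not visible on this page. I would add a comment above the call such as `# name service lookups; replaces the explicit netlink, nis and nscd rules`. It is also worth confirming that the resulting permissions are intended for a domain that reads every log.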

-## Allow users to control network interfaces
-## (also needs USERCTL=true)
-##

-##
-gen_tunable(user_net_control,false)
-')
-
 type usernetctl_t;
 type usernetctl_exec_t;
 application_domain(usernetctl_t,usernetctl_exec_t)
diff --git a/policy/modules/apps/vmware.fc b/policy/modules/apps/vmware.fc
index 8a9f1e3c..ea0b7ef2 100644
--- a/policy/modules/apps/vmware.fc
+++ b/policy/modules/apps/vmware.fc
@@ -25,6 +25,7 @@ HOME_DIR/\.vmware[^/]*/.*\.cfg -- gen_context(system_u:object_r:ROLE_vmware_conf
 /usr/bin/vmware-smbd -- gen_context(system_u:object_r:vmware_host_exec_t,s0)
 /usr/bin/vmware-smbpasswd -- gen_context(system_u:object_r:vmware_host_exec_t,s0)
 /usr/bin/vmware-smbpasswd\.bin -- gen_context(system_u:object_r:vmware_host_exec_t,s0)
+/usr/bin/vmware-vmx -- gen_context(system_u:object_r:vmware_host_exec_t,s0)
 /usr/bin/vmware-wizard -- gen_context(system_u:object_r:vmware_exec_t,s0)
 /usr/bin/vmware -- gen_context(system_u:object_r:vmware_exec_t,s0)
diff --git a/policy/modules/apps/vmware.te b/policy/modules/apps/vmware.te
index 5d0b2ac9..458b7665 100644
--- a/policy/modules/apps/vmware.te
+++ b/policy/modules/apps/vmware.te
@@ -1,5 +1,5 @@
-policy_module(vmware,1.2.0)
+policy_module(vmware,1.2.1)
 ########################################
 #
@@ -56,6 +56,8 @@ corenet_raw_sendrecv_all_nodes(vmware_host_t)
 corenet_tcp_sendrecv_all_ports(vmware_host_t)
 corenet_udp_sendrecv_all_ports(vmware_host_t)
 corenet_raw_bind_all_nodes(vmware_host_t)
+corenet_tcp_bind_all_nodes(vmware_host_t)
+corenet_udp_bind_all_nodes(vmware_host_t)
 corenet_tcp_connect_all_ports(vmware_host_t)
 corenet_sendrecv_all_client_packets(vmware_host_t)
 corenet_sendrecv_all_server_packets(vmware_host_t)
diff --git a/policy/modules/services/avahi.te b/policy/modules/services/avahi.te
index ef97cdce..d03f3ad8 100644
--- a/policy/modules/services/avahi.te
+++ b/policy/modules/services/avahi.te
@@ -1,5 +1,5 @@
-policy_module(avahi,1.6.0)
+policy_module(avahi,1.6.1)
 ########################################
 #
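Review bot: The added `corenet_tcp_bind_all_nodes(vmware_host_t)` and `corenet_udp_bind_all_nodes(vmware_host_t)` in vmware.te widen an already broad network profile (connect and send/receive on all ports), and no comment says which VMware component needs to listen. The vmware.fc change in this commit labels `/usr/bin/vmware-vmx` as `vmware_host_exec_t`, so, assuming that label transitions into vmware_host_t, the VM executable itself would run with this access. No port-bind rule appears in the hunk and the rest of the file is outside it, so the effective listening surface cannot be checked from here. I would add a one-line comment above the two calls naming the component and the service it provides. Any matching port-bind rule should be limited to specific port types rather than all ports.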
@@ -57,6 +57,7 @@ dev_read_urand(avahi_t)
 fs_getattr_all_fs(avahi_t)
 fs_search_auto_mountpoints(avahi_t)
+fs_list_inotifyfs(avahi_t)
 domain_use_interactive_fds(avahi_t)
diff --git a/policy/modules/system/fstools.if b/policy/modules/system/fstools.if
index 34d07e81..640ce612 100644
--- a/policy/modules/system/fstools.if
+++ b/policy/modules/system/fstools.if
@@ -69,6 +69,24 @@ interface(`fstools_exec',`
 can_exec($1,fsadm_exec_t)
 ')
+########################################
+##
+## Read fstools unnamed pipes.
+##
+##
+##
+## Domain allowed access.
+##
+##
+#
+interface(`fstools_read_pipes',`
+ gen_require(`
+ type fsdaemon_t;
+ ')
+
+ allow $1 fsdaemon_t:fifo_file read_fifo_file_perms;
+')
+
 ########################################
 ##
 ## Relabel a file to the type used by the
diff --git a/policy/modules/system/fstools.te b/policy/modules/system/fstools.te
index 4d7854e2..6a80c3cc 100644
--- a/policy/modules/system/fstools.te
+++ b/policy/modules/system/fstools.te
@@ -1,5 +1,5 @@
-policy_module(fstools,1.7.0)
+policy_module(fstools,1.7.1)
 ########################################
 #
@@ -69,6 +69,7 @@ files_getattr_boot_dirs(fsadm_t)
 dev_getattr_all_chr_files(fsadm_t)
 dev_dontaudit_getattr_all_blk_files(fsadm_t)
+dev_dontaudit_getattr_generic_files(fsadm_t)
 # mkreiserfs and other programs need this for UUID
 dev_read_rand(fsadm_t)
 dev_read_urand(fsadm_t)
@@ -184,3 +185,7 @@ optional_policy(`
 fs_dontaudit_write_ramfs_pipes(fsadm_t)
 rhgb_stub(fsadm_t)
 ')
+
+optional_policy(`
+ xen_append_log(fsadm_t)
+')
diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te
index c5decd8a..d665bd10 100644
--- a/policy/modules/system/iptables.te
+++ b/policy/modules/system/iptables.te
@@ -1,5 +1,5 @@
-policy_module(iptables,1.4.0)
+policy_module(iptables,1.4.1)
 ########################################
 #
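Review bot: The new `fstools_read_pipes` interface in fstools.if requires and grants access to `fsdaemon_t`, but every other fstools rule on this page uses the `fsadm_*` types (`fsadm_exec_t` in the interface just above, `fsadm_t` throughout fstools.te), and the summary says the pipes belong to fstools. If `fsdaemon_t` is declared by a different module, which the page does not show, callers get read access to that other domain's pipes and fstools.if depends on that module through `gen_require`. Unless that is intended, the two lines should read `type fsadm_t;` and `allow $1 fsadm_t:fifo_file read_fifo_file_perms;`. If it is intended, the summary should name the domain whose pipes are read.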
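Review bot: The `xen_append_log(fsadm_t)` block added at the end of fstools.te (hunk -184,3) has no comment explaining why a filesystem administration domain appends to the Xen log. If the access comes from a log descriptor the Xen tools hand to the filesystem utilities they start (an assumption, since the page gives no reason), a comment such as `# fs utilities started by the xen tools inherit its log descriptor` would let the grant be re-evaluated later. The `dev_dontaudit_getattr_generic_files(fsadm_t)` line in the -69,6 hunk also lacks a note. A dontaudit on generic device files can hide mislabeled nodes under /dev during troubleshooting, so it deserves a short comment saying which denial it suppresses.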
@@ -58,6 +58,8 @@ domain_use_interactive_fds(iptables_t)
 files_read_etc_files(iptables_t)
 files_read_etc_runtime_files(iptables_t)
+auth_use_nsswitch(iptables_t)
+
 init_use_fds(iptables_t)
 init_use_script_ptys(iptables_t)
 # to allow rules to be saved on reboot:
@@ -102,10 +104,6 @@ optional_policy(`
 nis_use_ypbind(iptables_t)
 ')
-optional_policy(`
- nscd_socket_use(iptables_t)
-')
-
 optional_policy(`
 ppp_dontaudit_use_fds(iptables_t)
 ')
diff --git a/policy/modules/system/miscfiles.fc b/policy/modules/system/miscfiles.fc
index 0c142e46..e17dd1e9 100644
--- a/policy/modules/system/miscfiles.fc
+++ b/policy/modules/system/miscfiles.fc
@@ -65,6 +65,7 @@ ifdef(`distro_redhat',`
 /var/lib/texmf(/.*)? gen_context(system_u:object_r:tetex_data_t,s0)
+/var/cache/fontconfig(/.*)? gen_context(system_u:object_r:fonts_t,s0)
 /var/cache/fonts(/.*)? gen_context(system_u:object_r:tetex_data_t,s0)
 /var/cache/man(/.*)? gen_context(system_u:object_r:man_t,s0)
diff --git a/policy/modules/system/miscfiles.te b/policy/modules/system/miscfiles.te
index 6db54ff7..b51fec1f 100644
--- a/policy/modules/system/miscfiles.te
+++ b/policy/modules/system/miscfiles.te
@@ -1,5 +1,5 @@
-policy_module(miscfiles,1.3.0)
+policy_module(miscfiles,1.3.1)
 ########################################
 #
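Review bot: In iptables.te the -102,10 hunk removes only the `nscd_socket_use(iptables_t)` block and leaves the optional block calling `nis_use_ypbind(iptables_t)` in place as context, although the -58,6 hunk adds `auth_use_nsswitch(iptables_t)`. The logwatch.te change in this commit removes both the NIS and the nscd block when it switches to the same interface. If `auth_use_nsswitch` covers NIS, as the logwatch change suggests, the leftover block is redundant and should go; if it does not, logwatch_t has lost NIS access. The new call would also benefit from a comment such as `# resolve host, service and user names used in rules`, because it lets a firewall-loading domain reach whichever backends nsswitch is configured for.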