diff --git a/container-selinux.tgz b/container-selinux.tgz
index 039608759172e1b05c1927c384bb9366620a9178..a9565105b627954a92a788c7994de265259fc079 100644
Binary files a/container-selinux.tgz and b/container-selinux.tgz differ
diff --git a/download b/download
index f8579fd10abf89cf28aa74d7ea0ddbda34770bda..a64b6aa98c6b2c94c06be9a6c89f01235bfa1bab 100644
--- a/download
+++ b/download
@@ -1,2 +1,2 @@
-2f5d6fefdda842b9e6b309ac55d6c099  selinux-policy-642155b.tar.gz
-ec54af0d2b523e016235194b38528f19  selinux-policy-contrib-0e4a7a0.tar.gz
+eefb9a0f9f65c64e8f6eef0f454f5078  selinux-policy-ab10edf.tar.gz
+39afa6397c13613fcd318928c6ea9da7  selinux-policy-contrib-191fa35.tar.gz
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 231dbaca98d3e4e596f50de8b254c24f8f070dab..e988220961eb03b160a4c37eb910fe7e5706cfaf 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -1,12 +1,11 @@
-%define anolis_release .0.1
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 642155b226a48d3edbdc1a13fb9a9fece74140f7
+%global commit0 ab10edf9d09f671f038fbc4446ddc7d8ceb1a266
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 0e4a7a0e5879fd49a239fb71e000c4967fe98eca
+%global commit1 191fa35ac243f8f3f1db0a9e95c77b6e308a16e9
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -30,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.3
-Release: 93%{anolis_release}%{?dist}
+Release: 95%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -459,7 +458,7 @@ echo "
 #     enforcing - SELinux security policy is enforced.
 #     permissive - SELinux prints warnings instead of enforcing.
 #     disabled - No SELinux policy is loaded.
-SELINUX=disabled
+SELINUX=enforcing
 # SELINUXTYPE= can take one of these three values:
 #     targeted - Targeted processes are protected,
 #     minimum - Modification of targeted policy. Only selected processes are protected. 
@@ -718,9 +717,14 @@ exit 0
 %endif
 
 %changelog
-* Sun Apr 24 2022 Weitao Zhou <zhouwt@linux.alibaba.com> - 3.14.3-93.0.1
-- Disable selinux by default
-- cherry-pick [bfc16aa]
+* Thu Mar 24 2022 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-95
+- Allow hostapd talk with unconfined user over unix domain dgram socket
+Resolves: rhbz#2064284
+
+* Thu Mar 10 2022 Nikola Knazekova nknazeko@redhat.com - 3.14.3-94
+- Allow chronyd send a message to sosreport over datagram socket
+- Allow systemd-logind dbus chat with sosreport
+Resolves: rhbz#1949493
 
 * Thu Feb 24 2022 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-93
 - Allow systemd-networkd dbus chat with sosreport