* Sun Nov 03 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.14.5-12
    - Label /var/cache/nginx as httpd_cache_t
    - Allow abrt_upload_watch_t domain to send dgram msgs to kernel processes and stream connect to journald
    - Created dnsmasq_use_ipset boolean
    - Allow capability dac_override in logwatch_mail_t domain
    - Allow automount_t domain to execute ping in own SELinux domain (ping_t)
    - Allow tmpreaper_t domain to getattr files labeled as mtrr_device_t
    - Allow collectd_t domain to create netlink_generic_socket sockets
    - Allow rhsmcertd_t domain to read/write rtas_errd_var_lock_t files
    - Allow tmpwatch process labeled as tmpreaper_t domain to execute fuser command.
    - Label /etc/postfix/chroot-update as postfix_exec_t
    - Update tmpreaper_t policy due to fuser command
    - Allow kdump_t domain to create netlink_route and udp sockets
    - Allow stratisd to connect to dbus
    - Allow fail2ban_t domain to create netlink netfilter sockets.
    - Allow dovecot get filesystem quotas
    - Allow networkmanager_t domain to execute chronyd binary in chronyd_t domain. BZ(1765689)
    - Allow systemd-tmpfiles processes to set rlimit information
    - Allow cephfs to use xattrs for storing contexts
    - Update files_filetrans_named_content() interface to allow caller domain to create /oldroot /.profile with correct label etc_runtime_t