diff --git a/.gitignore b/.gitignore
index 7927dee..cb4bd4f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
 SOURCES/container-selinux.tgz
-SOURCES/selinux-policy-9db72ed.tar.gz
-SOURCES/selinux-policy-contrib-5e2c252.tar.gz
+SOURCES/selinux-policy-76d3f46.tar.gz
+SOURCES/selinux-policy-contrib-f71a764.tar.gz
diff --git a/.selinux-policy.metadata b/.selinux-policy.metadata
index ea1df3e..8b25f61 100644
--- a/.selinux-policy.metadata
+++ b/.selinux-policy.metadata
@@ -1,3 +1,3 @@
-37036a3f9ec27f942a2b186db25f3c0551784c4e SOURCES/container-selinux.tgz
-d9e66219a3c1a29e8af4da26ed471297d3281fcc SOURCES/selinux-policy-9db72ed.tar.gz
-dd2ac90c589a5a5110bf578b014754b69f2232c7 SOURCES/selinux-policy-contrib-5e2c252.tar.gz
+630fb93dc3f0c54c9bac3e9e29742b235e3d3226 SOURCES/container-selinux.tgz
+868d9fd6e2fed0794a9a7b698586a5419d97cb7e SOURCES/selinux-policy-76d3f46.tar.gz
+fe5e8136583726cb626ba6eacc7c148df57926a7 SOURCES/selinux-policy-contrib-f71a764.tar.gz
diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec
index 1826dad..8f5bb4e 100644
--- a/SPECS/selinux-policy.spec
+++ b/SPECS/selinux-policy.spec
@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 9db72ed4345b0f26e798cb301f306fb4ee303844
+%global commit0 76d3f46c6576aa301aef3702c1c30739f506691f
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 5e2c252146f379cd25df50de97816f6771d9d79b
+%global commit1 f71a76424ebaf8e8af3896bc758cfe10b9102892
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.3
-Release: 107%{?dist}
+Release: 108%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -717,6 +717,32 @@ exit 0
 %endif
 
 %changelog
+* Thu Sep 08 2022 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-108
+- Allow unconfined_service_t insights client content filetrans
+Resolves: rhbz#2119507
+- Allow nsswitch_domain to connect to systemd-machined using a unix socket
+Resolves: rhbz#2119507
+- Add init_status_all_script_files() interface
+Resolves: rhbz#2119507
+- Add dev_dontaudit_write_raw_memory() and dev_read_vsock() interfaces
+Resolves: rhbz#2119507
+- Update insights-client policy for additional commands execution 5
+Resolves: rhbz#2119507
+- Confine insights-client systemd unit
+Resolves: rhbz#2119507
+- Update insights-client policy for additional commands execution 4
+Resolves: rhbz#2119507
+- Change rhsmcertd_t to insights_client_t in insights-client policy
+Resolves: rhbz#2119507
+- Allow insights-client send signull to unconfined_service_t
+Resolves: rhbz#2119507
+- Update insights-client policy for additional commands execution 3
+Resolves: rhbz#2119507
+- Allow journalctl read init state
+Resolves: rhbz#2119507
+- Update insights-client policy for additional commands execution 2
+Resolves: rhbz#2119507
+
 * Thu Aug 25 2022 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-107
 - Label 319/udp port with ptp_event_port_t
 Resolves: rhbz#2118628