diff --git a/docker-selinux.tgz b/docker-selinux.tgz
index b24750c..df508b3 100644
Binary files a/docker-selinux.tgz and b/docker-selinux.tgz differ
diff --git a/policy-rawhide-base.patch b/policy-rawhide-base.patch
index f0068de..6a4e7cc 100644
--- a/policy-rawhide-base.patch
+++ b/policy-rawhide-base.patch
@@ -45145,10 +45145,10 @@ index 0000000..c253b33
 +')
 diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
 new file mode 100644
-index 0000000..9afb637
+index 0000000..3358b07
 --- /dev/null
 +++ b/policy/modules/system/systemd.te
-@@ -0,0 +1,788 @@
+@@ -0,0 +1,791 @@
 +policy_module(systemd, 1.0.0)
 +
 +#######################################
@@ -45486,6 +45486,9 @@ index 0000000..9afb637
 +corenet_udp_bind_all_nodes(systemd_networkd_t)
 +corenet_tcp_bind_dhcpc_port(systemd_networkd_t)
 +corenet_udp_bind_dhcpc_port(systemd_networkd_t)
++corenet_tcp_bind_dhcpd_port(systemd_networkd_t)
++corenet_udp_bind_dhcpd_port(systemd_networkd_t)
++
 +
 +fs_read_xenfs_files(systemd_networkd_t)
 +
@@ -45556,7 +45559,7 @@ index 0000000..9afb637
 +# Local policy
 +#
 +
-+allow systemd_tmpfiles_t self:capability { chown dac_override fsetid fowner mknod };
++allow systemd_tmpfiles_t self:capability { chown dac_override fsetid fowner mknod sys_admin };
 +allow systemd_tmpfiles_t self:process { setfscreate };
 +
 +allow systemd_tmpfiles_t self:unix_dgram_socket create_socket_perms;
diff --git a/policy-rawhide-contrib.patch b/policy-rawhide-contrib.patch
index dc370d4..3bff382 100644
--- a/policy-rawhide-contrib.patch
+++ b/policy-rawhide-contrib.patch
@@ -7818,7 +7818,7 @@ index f3c0aba..f6e25ed 100644
 +	files_etc_filetrans(apcupsd_t, apcupsd_power_t, file, "powerfail")
  ')
 diff --git a/apcupsd.te b/apcupsd.te
-index 080bc4d..5db6cde 100644
+index 080bc4d..5b4d973 100644
 --- a/apcupsd.te
 +++ b/apcupsd.te
 @@ -24,6 +24,12 @@ files_tmp_file(apcupsd_tmp_t)
@@ -7856,7 +7856,7 @@ index 080bc4d..5db6cde 100644
  corenet_all_recvfrom_netlabel(apcupsd_t)
  corenet_tcp_sendrecv_generic_if(apcupsd_t)
  corenet_tcp_sendrecv_generic_node(apcupsd_t)
-@@ -67,26 +73,38 @@ corenet_tcp_bind_apcupsd_port(apcupsd_t)
+@@ -67,26 +73,41 @@ corenet_tcp_bind_apcupsd_port(apcupsd_t)
  corenet_sendrecv_apcupsd_server_packets(apcupsd_t)
  corenet_tcp_sendrecv_apcupsd_port(apcupsd_t)
  corenet_tcp_connect_apcupsd_port(apcupsd_t)
@@ -7867,9 +7867,12 @@ index 080bc4d..5db6cde 100644
  corenet_sendrecv_snmp_server_packets(apcupsd_t)
  corenet_udp_sendrecv_snmp_port(apcupsd_t)
  
++corenet_tcp_connect_smtp_port(apcupsd_t)
++
 +fs_getattr_xattr_fs(apcupsd_t)
 +
 +dev_read_sysfs(apcupsd_t)
++dev_read_urand(apcupsd_t)
 +
  dev_rw_generic_usb_dev(apcupsd_t)
  
@@ -7900,7 +7903,7 @@ index 080bc4d..5db6cde 100644
  
  optional_policy(`
  	hostname_exec(apcupsd_t)
-@@ -101,6 +119,11 @@ optional_policy(`
+@@ -101,6 +122,11 @@ optional_policy(`
  	shutdown_domtrans(apcupsd_t)
  ')
  
@@ -7912,7 +7915,7 @@ index 080bc4d..5db6cde 100644
  ########################################
  #
  # CGI local policy
-@@ -108,20 +131,20 @@ optional_policy(`
+@@ -108,20 +134,20 @@ optional_policy(`
  
  optional_policy(`
  	apache_content_template(apcupsd_cgi)
@@ -66690,10 +66693,10 @@ index 0000000..80246e6
 +
 diff --git a/pcp.te b/pcp.te
 new file mode 100644
-index 0000000..65502e1
+index 0000000..573632e
 --- /dev/null
 +++ b/pcp.te
-@@ -0,0 +1,272 @@
+@@ -0,0 +1,274 @@
 +policy_module(pcp, 1.0.0)
 +
 +########################################
@@ -66838,6 +66841,8 @@ index 0000000..65502e1
 +
 +logging_send_syslog_msg(pcp_pmcd_t)
 +
++lvm_domtrans(pcp_pmcd_t)
++
 +storage_getattr_fixed_disk_dev(pcp_pmcd_t)
 +
 +userdom_read_user_tmp_files(pcp_pmcd_t)
diff --git a/selinux-policy.spec b/selinux-policy.spec
index 19e82c3..fb6d602 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,7 +19,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 159%{?dist}
+Release: 160%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -664,6 +664,14 @@ exit 0
 %endif
 
 %changelog
+* Tue Nov 24 2015 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-160
+- Allow apcupsd sending mails about battery state. BZ(1274018)
+- Allow pcp_pmcd_t domain transition to lvm_t. BZ(1277779)
+- Merge pull request #68 from rhatdan/rawhide-contrib
+- Allow antivirus_t to bind to all unreserved ports. Clamd binds to random unassigned port (by default in range 1024-2048). #1248785
+-  Allow systemd-networkd to bind dhcpd ports if DHCP=yes in *.network conf file. BZ(#1280092)
+- systemd-tmpfiles performs operations on System V IPC objects which requires sys_admin capability. BZ(#1279269)
+
 * Fri Nov 20 2015 Miroslav Grepl <mgrepl@redhat.com> 3.13.1-159
 - Allow antivirus_t to bind to all unreserved ports. Clamd binds to random unassigned port (by default in range 1024-2048)
 - Allow abrt-hook-ccpp to change SELinux user identity for created objects.