diff --git a/SOURCES/policy-rhel-7.7.z-contrib.patch b/SOURCES/policy-rhel-7.7.z-contrib.patch
index 943bed2..f3699d7 100644
--- a/SOURCES/policy-rhel-7.7.z-contrib.patch
+++ b/SOURCES/policy-rhel-7.7.z-contrib.patch
@@ -11,3 +11,36 @@ index 0ba6d491f..927cb8f64 100644
  kernel_read_system_state(sbd_t)
  kernel_dgram_send(sbd_t)
  kernel_rw_all_sysctls(sbd_t)
+diff --git a/tmpreaper.te b/tmpreaper.te
+index a00757adc..0aca5b5fb 100644
+--- a/tmpreaper.te
++++ b/tmpreaper.te
+@@ -40,18 +40,27 @@ init_nnp_daemon_domain(tmpreaper_t)
+ # Local Policy
+ #
+ 
+-allow tmpreaper_t self:capability { dac_override dac_read_search fowner };
++allow tmpreaper_t self:capability { dac_override dac_read_search fowner sys_ptrace };
+ allow tmpreaper_t self:fifo_file rw_fifo_file_perms;
+ 
+ kernel_list_unlabeled(tmpreaper_t)
+ kernel_read_system_state(tmpreaper_t)
++kernel_read_network_state(tmpreaper_t)
+ kernel_delete_unlabeled(tmpreaper_t)
++kernel_dontaudit_getattr_all_sysctls(tmpreaper_t)
+ 
+ dev_read_urand(tmpreaper_t)
++dev_getattr_all_chr_files(tmpreaper_t)
++dev_getattr_all_blk_files(tmpreaper_t)
++dev_getattr_mtrr_dev(tmpreaper_t)
+ 
+ corecmd_exec_bin(tmpreaper_t)
+ corecmd_exec_shell(tmpreaper_t)
+ 
++domain_read_all_domains_state(tmpreaper_t)
++domain_getattr_all_sockets(tmpreaper_t)
++domain_getattr_all_pipes(tmpreaper_t)
++
+ fs_getattr_xattr_fs(tmpreaper_t)
+ fs_list_all(tmpreaper_t)
+ fs_setattr_tmpfs_dirs(tmpreaper_t)
diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec
index 74747b8..7c12475 100644
--- a/SPECS/selinux-policy.spec
+++ b/SPECS/selinux-policy.spec
@@ -20,7 +20,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.13.1
-Release: 252%{?dist}.1
+Release: 252%{?dist}.6
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -655,6 +655,26 @@ fi
 %endif
 
 %changelog
+* Wed Nov 06 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-252.6
+- Dontaudit tmpreaper_t getting attributes from sysctl_type files
+Resolves: rhbz#1766095
+
+* Thu Oct 31 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-252.5
+- Allow tmpreaper_t domain to getattr files labeled as mtrr_device_t
+Resolves: rhbz#1766095
+
+* Wed Oct 30 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-252.4
+- Allow tmpwatch process labeled as tmpreaper_t domain to execute fuser command.
+Resolves: rhbz#1766095
+
+* Wed Oct 30 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-252.3
+- Update tmpreaper_t policy due to fuser command
+Resolves: rhbz#1766095
+
+* Mon Oct 28 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-252.2
+- Allow tmpreaper_t domain to read all domains state
+Resolves: rhbz#1766095
+
 * Wed Jul 10 2019 Lukas Vrabec <lvrabec@redhat.com> - 3.13.1-252.1
 - Allow sbd_t domain to use nsswitch
 Resolves: rhbz#1728593