diff --git a/.gitignore b/.gitignore
index 6d59a35..7927dee 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,3 @@
 SOURCES/container-selinux.tgz
-SOURCES/selinux-policy-contrib-49d512d.tar.gz
-SOURCES/selinux-policy-e0a8ee2.tar.gz
+SOURCES/selinux-policy-9db72ed.tar.gz
+SOURCES/selinux-policy-contrib-5e2c252.tar.gz
diff --git a/.selinux-policy.metadata b/.selinux-policy.metadata
index 0194941..ea1df3e 100644
--- a/.selinux-policy.metadata
+++ b/.selinux-policy.metadata
@@ -1,3 +1,3 @@
-cb55df9b9c41c798f00c6557bd42f691a03b001c SOURCES/container-selinux.tgz
-bb74431e494936bd97fa9baac3f04c80b72fd110 SOURCES/selinux-policy-contrib-49d512d.tar.gz
-2a4f0892f05eba5d144bd36f7d8fd9423b43d4bf SOURCES/selinux-policy-e0a8ee2.tar.gz
+37036a3f9ec27f942a2b186db25f3c0551784c4e SOURCES/container-selinux.tgz
+d9e66219a3c1a29e8af4da26ed471297d3281fcc SOURCES/selinux-policy-9db72ed.tar.gz
+dd2ac90c589a5a5110bf578b014754b69f2232c7 SOURCES/selinux-policy-contrib-5e2c252.tar.gz
diff --git a/SPECS/selinux-policy.spec b/SPECS/selinux-policy.spec
index 4875746..1826dad 100644
--- a/SPECS/selinux-policy.spec
+++ b/SPECS/selinux-policy.spec
@@ -1,11 +1,11 @@
 # github repo with selinux-policy base sources
 %global git0 https://github.com/fedora-selinux/selinux-policy
-%global commit0 e0a8ee21365132c1f4668c975670621c889c5e35
+%global commit0 9db72ed4345b0f26e798cb301f306fb4ee303844
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 # github repo with selinux-policy contrib sources
 %global git1 https://github.com/fedora-selinux/selinux-policy-contrib
-%global commit1 49d512d4d8f17250aaf5524bdfea85180c6dbe56
+%global commit1 5e2c252146f379cd25df50de97816f6771d9d79b
 %global shortcommit1 %(c=%{commit1}; echo ${c:0:7})
 
 %define distro redhat
@@ -29,7 +29,7 @@
 Summary: SELinux policy configuration
 Name: selinux-policy
 Version: 3.14.3
-Release: 106%{?dist}
+Release: 107%{?dist}
 License: GPLv2+
 Source: %{git0}/archive/%{commit0}/%{name}-%{shortcommit0}.tar.gz
 Source29: %{git1}/archive/%{commit1}/%{name}-contrib-%{shortcommit1}.tar.gz
@@ -148,7 +148,7 @@ SELinux policy development and man page package
 %{_usr}/share/selinux/devel/Makefile
 %{_usr}/share/selinux/devel/example.*
 %{_usr}/share/selinux/devel/policy.*
-%ghost %{_sharedstatedir}/sepolgen/interface_info
+%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/sepolgen/interface_info
 
 %post devel
 selinuxenabled && /usr/bin/sepolgen-ifgen 2>/dev/null 
@@ -717,6 +717,34 @@ exit 0
 %endif
 
 %changelog
+* Thu Aug 25 2022 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-107
+- Label 319/udp port with ptp_event_port_t
+Resolves: rhbz#2118628
+- Allow unconfined and sysadm users transition for /root/.gnupg
+Resolves: rhbz#2119507
+- Add the kernel_read_proc_files() interface
+Resolves: rhbz#2119507
+- Add userdom_view_all_users_keys() interface
+Resolves: rhbz#2119507
+- Allow system_cronjob_t domtrans to rpm_script_t
+Resolves: rhbz#2118362
+- Allow smbd_t process noatsecure permission for winbind_rpcd_t
+Resolves: rhbz#2117199
+- Allow chronyd bind UDP sockets to ptp_event ports
+Resolves: rhbz#2118628
+- Allow samba-bgqd to read a printer list
+Resolves: rhbz#2118958
+- Add gpg_filetrans_admin_home_content() interface
+Resolves: rhbz#2119507
+- Update insights-client policy for additional commands execution
+Resolves: rhbz#2119507
+- Allow gpg read and write generic pty type
+Resolves: rhbz#2119507
+- Allow chronyc read and write generic pty type
+Resolves: rhbz#2119507
+- Disable rpm verification on interface_info
+Resolves: rhbz#2119472
+
 * Wed Aug 10 2022 Zdenek Pytela <zpytela@redhat.com> - 3.14.3-106
 - Allow networkmanager to signal unconfined process
 Resolves: rhbz#1918148