diff --git a/.cvsignore b/.cvsignore
index 677d4b6..8843165 100644
--- a/.cvsignore
+++ b/.cvsignore
@@ -198,3 +198,4 @@ serefpolicy-3.7.4.tgz
 serefpolicy-3.7.5.tgz
 serefpolicy-3.7.6.tgz
 serefpolicy-3.7.7.tgz
+serefpolicy-3.7.8.tgz
diff --git a/nsadiff b/nsadiff
index 89c70e1..c121a89 100755
--- a/nsadiff
+++ b/nsadiff
@@ -1 +1 @@
-diff --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.7.7 > /tmp/diff
+diff --exclude-from=exclude -N -u -r nsaserefpolicy serefpolicy-3.7.8 > /tmp/diff
diff --git a/policy-F13.patch b/policy-F13.patch
index aa83c61..6463622 100644
--- a/policy-F13.patch
+++ b/policy-F13.patch
@@ -4794,8 +4794,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +# No types are sandbox_exec_t
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.if serefpolicy-3.7.8/policy/modules/apps/sandbox.if
 --- nsaserefpolicy/policy/modules/apps/sandbox.if	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.7.8/policy/modules/apps/sandbox.if	2010-01-18 15:18:03.000000000 -0500
-@@ -0,0 +1,223 @@
++++ serefpolicy-3.7.8/policy/modules/apps/sandbox.if	2010-01-18 17:36:16.000000000 -0500
+@@ -0,0 +1,225 @@
 +
 +## <summary>policy for sandbox</summary>
 +
@@ -4922,7 +4922,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +	manage_sock_files_pattern($1_t, $1_file_t, $1_file_t)
 +
 +	# window manager
-+	miscfiles_setattr_fonts_dirs($1_t)
++	miscfiles_setattr_fonts_cache_dirs($1_t)
 +	allow $1_t self:capability setuid;
 +
 +	type $1_client_t, sandbox_x_domain;
@@ -4956,6 +4956,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +	ps_process_pattern(sandbox_xserver_t, $1_t)
 +	allow sandbox_xserver_t $1_client_t:shm rw_shm_perms;
 +	allow sandbox_xserver_t $1_t:shm rw_shm_perms;
++	allow $1_client_t $1_t:unix_stream_socket connectto;
++	allow $1_t $1_client_t:unix_stream_socket connectto;
 +
 +	can_exec($1_client_t, $1_file_t)
 +	manage_dirs_pattern($1_client_t, $1_file_t, $1_file_t)
@@ -5021,8 +5023,8 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +')
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.te serefpolicy-3.7.8/policy/modules/apps/sandbox.te
 --- nsaserefpolicy/policy/modules/apps/sandbox.te	1969-12-31 19:00:00.000000000 -0500
-+++ serefpolicy-3.7.8/policy/modules/apps/sandbox.te	2010-01-18 15:18:03.000000000 -0500
-@@ -0,0 +1,343 @@
++++ serefpolicy-3.7.8/policy/modules/apps/sandbox.te	2010-01-18 17:35:39.000000000 -0500
+@@ -0,0 +1,346 @@
 +policy_module(sandbox,1.0.0)
 +dbus_stub()
 +attribute sandbox_domain;
@@ -5190,7 +5192,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +init_dontaudit_write_utmp(sandbox_x_domain)
 +
 +miscfiles_read_localization(sandbox_x_domain)
-+miscfiles_dontaudit_setattr_fonts_dirs(sandbox_x_domain)
++miscfiles_dontaudit_setattr_fonts_cache_dirs(sandbox_x_domain)
 +
 +term_getattr_pty_fs(sandbox_x_domain)
 +term_use_ptmx(sandbox_x_domain)
@@ -5206,6 +5208,10 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +')
 +
 +optional_policy(`
++	dbus_system_bus_client(sandbox_x_domain)
++')
++
++optional_policy(`
 +	gnome_read_gconf_config(sandbox_x_domain)
 +')
 +
@@ -5239,7 +5245,6 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/apps/sandbox.
 +
 +auth_use_nsswitch(sandbox_x_client_t)
 +
-+dbus_system_bus_client(sandbox_x_client_t)
 +dbus_read_config(sandbox_x_client_t)
 +selinux_get_fs_mount(sandbox_x_client_t)
 +selinux_validate_context(sandbox_x_client_t)
@@ -14996,7 +15001,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
 +/usr/local/linuxprinter/ppd(/.*)?      gen_context(system_u:object_r:cupsd_rw_etc_t,s0)
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.7.8/policy/modules/services/cups.te
 --- nsaserefpolicy/policy/modules/services/cups.te	2009-08-14 16:14:31.000000000 -0400
-+++ serefpolicy-3.7.8/policy/modules/services/cups.te	2010-01-18 15:18:03.000000000 -0500
++++ serefpolicy-3.7.8/policy/modules/services/cups.te	2010-01-18 17:30:30.000000000 -0500
 @@ -23,6 +23,9 @@
  type cupsd_initrc_exec_t;
  init_script_file(cupsd_initrc_exec_t)
@@ -15079,7 +15084,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups
  miscfiles_read_localization(cupsd_t)
  # invoking ghostscript needs to read fonts
  miscfiles_read_fonts(cupsd_t)
-+miscfiles_setattr_fonts_dirs(cupsd_t)
++miscfiles_setattr_fonts_cache_dirs(cupsd_t)
  
  seutil_read_config(cupsd_t)
  sysnet_exec_ifconfig(cupsd_t)
@@ -30625,7 +30630,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfi
  
 diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfiles.if serefpolicy-3.7.8/policy/modules/system/miscfiles.if
 --- nsaserefpolicy/policy/modules/system/miscfiles.if	2009-11-25 11:47:19.000000000 -0500
-+++ serefpolicy-3.7.8/policy/modules/system/miscfiles.if	2010-01-18 15:18:03.000000000 -0500
++++ serefpolicy-3.7.8/policy/modules/system/miscfiles.if	2010-01-18 17:31:02.000000000 -0500
 @@ -73,7 +73,8 @@
  #
  interface(`miscfiles_read_fonts',`
@@ -30647,7 +30652,7 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfi
  ')
  
  ########################################
-@@ -167,6 +172,51 @@
+@@ -167,6 +172,70 @@
  	manage_dirs_pattern($1, fonts_t, fonts_t)
  	manage_files_pattern($1, fonts_t, fonts_t)
  	manage_lnk_files_pattern($1, fonts_t, fonts_t)
@@ -30675,6 +30680,25 @@ diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/system/miscfi
 +
 +########################################
 +## <summary>
++##	Dontaudit attempts to set the attributes on a fonts cache directory.
++## </summary>
++## <param name="domain">
++##	<summary>
++##	Domain allowed access.
++##	</summary>
++## </param>
++## <rolecap/>
++#
++interface(`miscfiles_dontaudit_setattr_fonts_cache_dirs',`
++	gen_require(`
++		type fonts_cache_t;
++	')
++
++	allow $1 fonts_cache_t:dir setattr;
++')
++
++########################################
++## <summary>
 +##	Create, read, write, and delete fonts cache.
 +## </summary>
 +## <param name="domain">
diff --git a/selinux-policy.spec b/selinux-policy.spec
index c4669b1..ab6df9d 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -19,8 +19,8 @@
 %define CHECKPOLICYVER 2.0.21-1
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 3.7.7
-Release: 3%{?dist}
+Version: 3.7.8
+Release: 1%{?dist}
 License: GPLv2+
 Group: System Environment/Base
 Source: serefpolicy-%{version}.tgz
@@ -459,6 +459,9 @@ exit 0
 %endif
 
 %changelog
+* Mon Jan 18 2010 Dan Walsh <dwalsh@redhat.com> 3.7.8-1
+- Update to upstream
+
 * Fri Jan 15 2010 Dan Walsh <dwalsh@redhat.com> 3.7.7-3
 - Fix git
 
diff --git a/sources b/sources
index 868ecc2..d1a2e3f 100644
--- a/sources
+++ b/sources
@@ -1,2 +1,2 @@
 3651679c4b12a31d2ba5f4305bba5540  config.tgz
-2cec5f31faaf708d21bbcffabde5533d  serefpolicy-3.7.7.tgz
+6ed233bfd5c6a20877d98e74f967ce0f  serefpolicy-3.7.8.tgz