diff --git a/policy-20100106.patch b/policy-20100106.patch
index be40e9d..200111a 100644
--- a/policy-20100106.patch
+++ b/policy-20100106.patch
@@ -5394,7 +5394,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 # System cron process domain
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/cups.te serefpolicy-3.6.32/policy/modules/services/cups.te
 --- nsaserefpolicy/policy/modules/services/cups.te 2010-01-18 18:24:22.771540183 +0100
-+++ serefpolicy-3.6.32/policy/modules/services/cups.te 2010-02-17 16:19:02.686863774 +0100
++++ serefpolicy-3.6.32/policy/modules/services/cups.te 2010-03-05 15:20:55.192561142 +0100
 @@ -265,6 +265,7 @@
 # invoking ghostscript needs to read fonts
 miscfiles_read_fonts(cupsd_t)
@@ -5433,7 +5433,15 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 allow cups_pdf_t self:fifo_file rw_file_perms;
 allow cups_pdf_t self:unix_stream_socket create_stream_socket_perms;
-@@ -689,6 +693,7 @@
+@@ -578,6 +582,7 @@
+ files_tmp_filetrans(cups_pdf_t, cups_pdf_tmp_t, { file dir })
+
+ fs_rw_anon_inodefs_files(cups_pdf_t)
++fs_search_auto_mountpoints(cups_pdf_t)
+
+ kernel_read_system_state(cups_pdf_t)
+
+@@ -689,6 +694,7 @@
 domain_use_interactive_fds(hplip_t)
@@ -10458,7 +10466,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +')
 diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/usbmuxd.te serefpolicy-3.6.32/policy/modules/services/usbmuxd.te
 --- nsaserefpolicy/policy/modules/services/usbmuxd.te 1970-01-01 01:00:00.000000000 +0100
-+++ serefpolicy-3.6.32/policy/modules/services/usbmuxd.te 2010-03-03 15:06:35.322862650 +0100
++++ serefpolicy-3.6.32/policy/modules/services/usbmuxd.te 2010-03-05 16:12:03.673562124 +0100
 @@ -0,0 +1,49 @@
 +
 +policy_module(usbmuxd,1.0.0)
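Review bot: The new `fs_search_auto_mountpoints(cups_pdf_t)` line in the cups.te section (inner hunk `@@ -578,6 +582,7 @@`) widens a confined domain with no comment saying what needed it. A short rationale above it, for example `# cups-pdf output directories may sit below an automounted path`, would let a later audit decide whether the grant is still required; that wording is an assumption, so confirm it against the denial that prompted the change. The same applies to the usbmuxd.te rule changed to `allow usbmuxd_t self:process { fork signal signull };`, where a comment naming which process signals which would help. Both policy sections continue outside the hunks shown, so comments elsewhere may already cover this.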
@@ -10484,7 +10492,7 @@ diff -b -B --ignore-all-space --exclude-from=exclude -N -u -r nsaserefpolicy/pol
 +#
 +
 +allow usbmuxd_t self:capability { kill setgid setuid };
-+allow usbmuxd_t self:process { fork };
++allow usbmuxd_t self:process { fork signal signull };
 +
 +# Init script handling
 +domain_use_interactive_fds(usbmuxd_t)