diff --git a/.cvsignore b/.cvsignore index dd02f27..4e44875 100644 --- a/.cvsignore +++ b/.cvsignore @@ -54,3 +54,4 @@ libselinux-1.27.6.tgz libselinux-1.27.7.tgz libselinux-1.27.9.tgz libselinux-1.27.10.tgz +libselinux-1.27.12.tgz diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index ec309e4..0a34354 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,22 +1,3 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/include/selinux/get_context_list.h libselinux-1.27.10/include/selinux/get_context_list.h ---- nsalibselinux/include/selinux/get_context_list.h 2005-09-19 13:36:06.000000000 -0400 -+++ libselinux-1.27.10/include/selinux/get_context_list.h 2005-10-17 13:48:00.000000000 -0400 -@@ -54,6 +54,15 @@ - security_context_t fromcon, - security_context_t *newcon); - -+/* Same as get_default_context, but only return a context -+ that has the specified role and level. If no reachable context exists -+ for the user with that role, then return -1. */ -+int get_default_context_with_rolelevel(const char* user, -+ const char *level, -+ const char *role, -+ security_context_t fromcon, -+ security_context_t *newcon); -+ - /* Given a list of authorized security contexts for the user, - query the user to select one and set *newcon to refer to it. - Caller must free via freecon. diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_default_context_with_level.3 libselinux-1.27.10/man/man3/get_default_context_with_level.3 --- nsalibselinux/man/man3/get_default_context_with_level.3 1969-12-31 19:00:00.000000000 -0500 +++ libselinux-1.27.10/man/man3/get_default_context_with_level.3 2005-10-17 13:58:54.000000000 -0400 @@ -27,133 +8,8 @@ diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_default_context_ +++ libselinux-1.27.10/man/man3/get_default_context_with_rolelevel.3 2005-10-17 13:58:41.000000000 -0400 
@@ -0,0 +1 @@ +.so man3/get_ordered_context_list.3 -diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list.3 libselinux-1.27.10/man/man3/get_ordered_context_list.3 ---- nsalibselinux/man/man3/get_ordered_context_list.3 2005-04-29 14:06:50.000000000 -0400 -+++ libselinux-1.27.10/man/man3/get_ordered_context_list.3 2005-10-17 13:57:48.000000000 -0400 -@@ -1,6 +1,6 @@ - .TH "get_ordered_context_list" "3" "1 January 2004" "russell@coker.com.au" "SE Linux" - .SH "NAME" --get_ordered_context_list, get_default_context, get_default_context_with_role, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions -+get_ordered_context_list, get_ordered_context_list_with_level, get_default_context, get_default_context_with_level, get_default_context_with_role, get_default_context_with_rolelevel, query_user_context, manual_user_enter_context, get_default_role \- determine context(s) for user sessions - - .SH "SYNOPSIS" - .B #include -@@ -9,10 +9,16 @@ - .sp - .BI "int get_ordered_context_list(const char *" user ", security_context_t "fromcon ", security_context_t **" list ); - .sp -+.BI "int get_ordered_context_list_with_level(const char *" user ", const char *" level ", security_context_t "fromcon ", security_context_t **" list ); -+.sp - .BI "int get_default_context(const char *" user ", security_context_t "fromcon ", security_context_t *" newcon ); - .sp -+.BI "int get_default_context_with_level(const char *" user ", const char *" level ", security_context_t "fromcon ", security_context_t *" newcon ); -+.sp - .BI "int get_default_context_with_role(const char* " user ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon "); - .sp -+.BI "int get_default_context_with_rolelevel(const char* " user ", const char* " level ", const char *" role ", security_context_t " fromcon ", security_context_t *" newcon "); -+.sp - .BI "int query_user_context(security_context_t *" list ", 
security_context_t *" newcon ); - .sp - .BI "int manual_user_enter_context(const char *" user ", security_context_t *" newcon ); -@@ -27,7 +33,7 @@ - .I user - that are reachable from the specified - .I fromcon --context and then orders the resulting list based on the global -+context. The function then orders the resulting list based on the global - .B /etc/selinux//contexts/default_contexts - file and the per-user - .B /etc/selinux//contexts/users/ -@@ -39,13 +45,22 @@ - .B freeconary - function. - -+.B get_ordered_context_list_with_level -+invokes the get_ordered_context_list function and applies the specified level. -+ - .B get_default_context - is the same as get_ordered_context_list but only returns a single context - which has to be freed with freecon. - -+.B get_default_context_with_level -+invokes the get_default_context function and applies the specified level. -+ - .B get_default_context_with_role - is the same as get_default_context but only returns a context with the specified role, returning -1 if no such context is reachable for the user. - -+.B get_default_context_with_rolelevel -+invokes the get_default_context_with_role function and applies the specified level. -+ - .B query_user_context - takes a list of contexts, queries the user via stdin/stdout as to which context - they want, and returns a new context as selected by the user (which has to be -@@ -58,9 +73,8 @@ - Get the default type (domain) for 'role' and set 'type' to refer to it, which has to be freed with free. - - .SH "RETURN VALUE" --get_ordered_context_list returns the number of contexts in the list upon --success or -1 upon errors. -+get_ordered_context_list and get_ordered_context_list_with_level return the number of contexts in the list upon success or -1 upon errors. - The other functions return 0 for success or -1 for errors. 
- - .SH "SEE ALSO" --.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)" -+.BR freeconary "(3), " freecon "(3), " security_compute_av "(3)", getseuserbyname"(3)" diff --exclude-from=exclude -N -u -r nsalibselinux/man/man3/get_ordered_context_list_with_level.3 libselinux-1.27.10/man/man3/get_ordered_context_list_with_level.3 --- nsalibselinux/man/man3/get_ordered_context_list_with_level.3 1969-12-31 19:00:00.000000000 -0500 +++ libselinux-1.27.10/man/man3/get_ordered_context_list_with_level.3 2005-10-17 13:59:03.000000000 -0400 @@ -0,0 +1 @@ +.so man3/get_ordered_context_list.3 -diff --exclude-from=exclude -N -u -r nsalibselinux/src/get_context_list.c libselinux-1.27.10/src/get_context_list.c ---- nsalibselinux/src/get_context_list.c 2005-10-14 14:45:05.000000000 -0400 -+++ libselinux-1.27.10/src/get_context_list.c 2005-10-17 13:45:55.000000000 -0400 -@@ -48,6 +48,49 @@ - return rc; - } - -+int get_default_context_with_rolelevel(const char* user, -+ const char *role, -+ const char *level, -+ security_context_t fromcon, -+ security_context_t *newcon) -+{ -+ -+ int rc=0; -+ int freefrom = 0; -+ context_t con; -+ char *newfromcon; -+ if (!level) -+ return get_default_context_with_role(user, role, fromcon, newcon); -+ -+ if (!fromcon) { -+ rc = getcon(&fromcon); -+ if (rc < 0) -+ return rc; -+ freefrom = 1; -+ } -+ -+ rc = -1; -+ con=context_new(fromcon); -+ if (!con) -+ goto out; -+ -+ if (context_range_set(con, level)) -+ goto out; -+ -+ newfromcon = context_str(con); -+ if (!newfromcon) -+ goto out; -+ -+ rc = get_default_context_with_role(user, role, newfromcon, newcon); -+ -+out: -+ context_free(con); -+ if (freefrom) -+ freecon(fromcon); -+ return rc; -+ -+} -+ - int get_default_context(const char* user, - security_context_t fromcon, - security_context_t *newcon) diff --git a/libselinux.spec b/libselinux.spec index 68559b7..4bd7aaa 100644 --- a/libselinux.spec +++ b/libselinux.spec 
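Review bot: The parameter order of `get_default_context_with_rolelevel` should be checked in the 1.27.12 tarball, which now replaces the section removed from libselinux-rhat.patch. The removed copy disagreed with itself: the header hunk declared `(const char* user, const char *level, const char *role, ...)`, while the definition in src/get_context_list.c took `(const char* user, const char *role, const char *level, ...)`. Both arguments are `const char *`, so a compiler would not diagnose the mismatch. A caller that follows the header or the man page synopsis would presumably have its level applied as the role, and its role passed to `context_range_set` as the level, when the session context is computed. The upstream sources are not visible in this diff, so confirm that the header, the definition and the synopsis in 1.27.12 agree on one order before relying on the merge.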
@@ -1,7 +1,7 @@ -%define libsepolver 1.9.17-1 +%define libsepolver 1.9.21-1 Summary: SELinux library and simple utilities Name: libselinux -Version: 1.27.10 +Version: 1.27.12 Release: 1 License: Public domain (uncopyrighted) Group: System Environment/Libraries @@ -92,8 +92,13 @@ exit 0 %{_mandir}/man8/* %changelog -* Mon Oct 17 2005 Dan Walsh 1.27.10-1 -- +* Mon Oct 17 2005 Dan Walsh 1.27.12-1 +- Update to latest from NSA + * Merged get_default_context_with_rolelevel and man pages from + Dan Walsh (Red Hat). + * Updated call to sepol_policydb_to_image for sepol changes. + * Changed getseuserbyname to ignore empty lines and to handle + no matching entry in the same manner as no seusers file. * Fri Oct 14 2005 Dan Walsh 1.27.9-2 - Tell init to reexec itself in post script diff --git a/sources b/sources index d0a403a..b1bd394 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -e88a9720a6eab17b1a6782caa8278673 libselinux-1.27.10.tgz +0c74dd29a27e67312c943e81873d576b libselinux-1.27.12.tgz