diff --git a/selinux-policy.spec b/selinux-policy.spec
index 59891da..d97f608 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -1,6 +1,6 @@
 # github repo with selinux-policy sources
 %global giturl https://github.com/fedora-selinux/selinux-policy
-%global commit e4a44a341ed62d46d04a39da9074a644764d381a
+%global commit c9bbaf829a668336cb2d2f91da6e8e0186af9d5a
 %global shortcommit %(c=%{commit}; echo ${c:0:7})
 
 %define distro redhat
@@ -23,8 +23,8 @@
 %define CHECKPOLICYVER 3.2
 Summary: SELinux policy configuration
 Name: selinux-policy
-Version: 36.13
-Release: 3%{?dist}
+Version: 36.14
+Release: 1%{?dist}
 License: GPLv2+
 Source: %{giturl}/archive/%{commit}/%{name}-%{shortcommit}.tar.gz
 Source1: modules-targeted-base.conf
@@ -812,6 +812,26 @@ exit 0
 %endif
 
 %changelog
+* Thu Aug 11 2022 Zdenek Pytela <zpytela@redhat.com> - 36.14-1
+- Allow nm-dispatcher custom plugin dbus chat with nm
+- Allow xdm read the kernel key ring
+- Allow login_userdomain check status of mount units
+- Allow nm-dispatcher sendmail plugin get status of systemd services
+- Allow sa-update to get init status and start systemd files
+- Allow launch-xenstored read filesystem sysctls
+- Allow openvswitch fsetid capability
+- Allow openvswitch use its private tmpfs files and dirs
+- Allow openvswitch search tracefs dirs
+- Allow services execute systemd-notify
+- Do not allow login_userdomain use sd_notify()
+- Allow some domains use sd_notify()
+- Allow pmdalinux read files on an nfsd filesystem
+- Allow fedora-third-party read the passwords file
+- Allow pmie read network state information and network sysctls
+- Allow sysadm_t to run bpftool on the userdomain attribute
+- Add the userdom_prog_run_bpf_userdomain() interface
+- Allow dhclient manage pid files used by chronyd
+
 * Mon Aug 01 2022 Zdenek Pytela <zpytela@redhat.com> - 36.13-3
 Revert "Users have to be generated is policy/users to make 3.4 userspace happy"
 
diff --git a/sources b/sources
index 7b75a50..71f1ef0 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (selinux-policy-e4a44a3.tar.gz) = 0515d763675a9c4e19c2fdd309bd6e6c1bc8a3b7612967638392e0ec68d97bc5b298a2fdf068ce8514fb99d1f65e760aec90f8dd7bbbbcf41867fca060b6f2da
+SHA512 (selinux-policy-c9bbaf8.tar.gz) = f65ef6cf0d684a9a64ba90b8a23b3493420998416514801307f3abfe1b700efeeaa6a164a793d7124a48860927d65b055bdc38646879f2e0b6f109ffdabc46fc
+SHA512 (container-selinux.tgz) = 193176e0b9d23cc22dd8e868fe804abd25376a77e1a7d92bcbf5e75ef4fe3b6f05125a426daf103c6868ecbac9419bfd3c3a15159c2ede7c9ab4f6f51d7eeb2b
 SHA512 (macro-expander) = 243ee49f1185b78ac47e56ca9a3f3592f8975fab1a2401c0fcc7f88217be614fe31805bacec602b728e7fcfc21dcc17d90e9a54ce87f3a0c97624d9ad885aea4
-SHA512 (container-selinux.tgz) = fda5126da783c07978eebd8157b22443a414fcd7e794b25cb958e95a0850b75dad628f9def5fe44bb17f27d850a0b3aeb7bafccaee4b17056fa666331817fc05