diff --git a/automount.te b/automount.te
index 9f79436..a579c3b 100644
--- a/automount.te
+++ b/automount.te
@@ -1,4 +1,4 @@
-policy_module(automount, 1.13.2)
+policy_module(automount, 1.13.3)
 ########################################
 #
@@ -27,7 +27,7 @@ files_mountpoint(automount_tmp_t)
 # Local policy
 #
-allow automount_t self:capability { net_bind_service setgid setuid sys_nice sys_resource dac_override sys_admin };
+allow automount_t self:capability { setgid setuid sys_nice sys_resource dac_override sys_admin };
 dontaudit automount_t self:capability sys_tty_config;
 allow automount_t self:process { signal_perms getpgid setpgid setsched setrlimit };
 allow automount_t self:fifo_file rw_fifo_file_perms;
diff --git a/bird.te b/bird.te
index e6635e3..d4d71ec 100644
--- a/bird.te
+++ b/bird.te
@@ -1,4 +1,4 @@
-policy_module(bird, 1.0.1)
+policy_module(bird, 1.0.2)
 ########################################
 #
@@ -26,7 +26,7 @@ files_pid_file(bird_var_run_t)
 # Local policy
 #
-allow bird_t self:capability { net_admin net_bind_service };
+allow bird_t self:capability net_admin;
 allow bird_t self:netlink_route_socket create_netlink_socket_perms;
 allow bird_t self:tcp_socket create_stream_socket_perms;
diff --git a/cups.te b/cups.te
index 963fa5e..9f34c2e 100644
--- a/cups.te
+++ b/cups.te
@@ -1,4 +1,4 @@
-policy_module(cups, 1.15.8)
+policy_module(cups, 1.15.9)
 ########################################
 #
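Review bot: Nothing in the `automount_t` hunk, or in the matching capability hunks for bird.te through zarafa.te, records why `net_bind_service` can be dropped, so the new `allow ... self:capability` lines do not show whether these daemons can still bind ports below 1024. Presumably the capability is still conveyed by the `corenet_*_bind_*_port` interface calls further down each module, which lie outside these hunks; if so, say it in the commit description or in a one-line comment such as `# net_bind_service is granted by the corenet bind interfaces below`. It is worth confirming per domain on the built policy with `sesearch -A -s automount_t -c capability -p net_bind_service`, and watching the audit log for `capability` AVC denials from the daemons touched here that listen on reserved ports (cupsd, postfix master, sendmail, dovecot, kpropd, the rpc domains). Any domain whose bind interface does not carry the capability would only fail when the service starts, not when the policy is built.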
@@ -102,7 +102,7 @@ ifdef(`enable_mls',`
 # Cups local policy
 #
-allow cupsd_t self:capability { ipc_lock sys_admin dac_override dac_read_search kill setgid setuid fsetid net_bind_service fowner chown dac_override sys_rawio sys_resource sys_tty_config };
+allow cupsd_t self:capability { ipc_lock sys_admin dac_override dac_read_search kill setgid setuid fsetid fowner chown dac_override sys_rawio sys_resource sys_tty_config };
 dontaudit cupsd_t self:capability { sys_tty_config net_admin };
 allow cupsd_t self:capability2 block_suspend;
 allow cupsd_t self:process { getpgid setpgid setsched signal_perms };
diff --git a/cyrus.te b/cyrus.te
index 93ddb95..395f97c 100644
--- a/cyrus.te
+++ b/cyrus.te
@@ -1,4 +1,4 @@
-policy_module(cyrus, 1.12.1)
+policy_module(cyrus, 1.12.2)
 ########################################
 #
@@ -26,7 +26,7 @@ files_pid_file(cyrus_var_run_t)
 # Local policy
 #
-allow cyrus_t self:capability { dac_override net_bind_service setgid setuid sys_resource };
+allow cyrus_t self:capability { dac_override setgid setuid sys_resource };
 dontaudit cyrus_t self:capability sys_tty_config;
 allow cyrus_t self:process ~{ ptrace setcurrent setexec setfscreate setrlimit execmem execstack execheap };
 allow cyrus_t self:process setrlimit;
diff --git a/djbdns.te b/djbdns.te
index a195011..463d290 100644
--- a/djbdns.te
+++ b/djbdns.te
@@ -1,4 +1,4 @@
-policy_module(djbdns, 1.5.2)
+policy_module(djbdns, 1.5.3)
 ########################################
 #
@@ -18,7 +18,7 @@ djbdns_daemontools_domain_template(tinydns)
 # Common local policy
 #
-allow djbdns_domain self:capability { net_bind_service setgid setuid sys_chroot };
+allow djbdns_domain self:capability { setgid setuid sys_chroot };
 allow djbdns_domain self:process signal;
 allow djbdns_domain self:fifo_file rw_fifo_file_perms;
 allow djbdns_domain self:tcp_socket create_stream_socket_perms;
diff --git a/dnsmasq.te b/dnsmasq.te
index 8df4c7a..ba14bcf 100644
--- a/dnsmasq.te
+++ b/dnsmasq.te
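Review bot: The rewritten `cupsd_t` capability set in the cups.te hunk still lists `dac_override` twice, and it grants `sys_tty_config` while the very next line dontaudits that same permission, so that part of the dontaudit rule has no effect. Since the line is being edited anyway, it could be normalised to `allow cupsd_t self:capability { chown dac_override dac_read_search fowner fsetid ipc_lock kill setgid setuid sys_admin sys_rawio sys_resource sys_tty_config };` with the following line reduced to `dontaudit cupsd_t self:capability net_admin;`. Neither change alters what is granted; a sorted, de-duplicated set makes later least-privilege reviews easier for a domain that holds `sys_admin` and `sys_rawio`.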
@@ -1,4 +1,4 @@
-policy_module(dnsmasq, 1.9.2)
+policy_module(dnsmasq, 1.9.3)
 ########################################
 #
@@ -29,7 +29,7 @@ files_pid_file(dnsmasq_var_run_t)
 # Local policy
 #
-allow dnsmasq_t self:capability { chown dac_override net_admin setgid setuid net_bind_service net_raw };
+allow dnsmasq_t self:capability { chown dac_override net_admin setgid setuid net_raw };
 dontaudit dnsmasq_t self:capability sys_tty_config;
 allow dnsmasq_t self:process { getcap setcap signal_perms };
 allow dnsmasq_t self:fifo_file rw_fifo_file_perms;
diff --git a/dovecot.te b/dovecot.te
index 07186d1..73c8686 100644
--- a/dovecot.te
+++ b/dovecot.te
@@ -1,4 +1,4 @@
-policy_module(dovecot, 1.15.4)
+policy_module(dovecot, 1.15.5)
 ########################################
 #
@@ -89,7 +89,7 @@ miscfiles_read_localization(dovecot_domain)
 # Local policy
 #
-allow dovecot_t self:capability { dac_override dac_read_search chown fsetid kill net_bind_service setgid setuid sys_chroot };
+allow dovecot_t self:capability { dac_override dac_read_search chown fsetid kill setgid setuid sys_chroot };
 dontaudit dovecot_t self:capability sys_tty_config;
 allow dovecot_t self:process { setrlimit signal_perms getcap setcap setsched };
 allow dovecot_t self:tcp_socket { accept listen };
diff --git a/glusterfs.te b/glusterfs.te
index 6c815e1..fd02acc 100644
--- a/glusterfs.te
+++ b/glusterfs.te
@@ -1,4 +1,4 @@
-policy_module(glusterfs, 1.0.0)
+policy_module(glusterfs, 1.0.1)
 ########################################
 #
@@ -32,7 +32,7 @@ files_type(glusterd_var_lib_t);
 # Local policy
 #
-allow glusterd_t self:capability { net_bind_service sys_admin sys_resource dac_override chown dac_read_search fowner };
+allow glusterd_t self:capability { sys_admin sys_resource dac_override chown dac_read_search fowner };
 allow glusterd_t self:process { setrlimit signal };
 allow glusterd_t self:fifo_file rw_fifo_file_perms;
 allow glusterd_t self:tcp_socket { accept listen };
diff --git a/hal.te b/hal.te
index 4ee8cff..0801fe1 100644
--- a/hal.te
+++ b/hal.te
@@ -1,4 +1,4 @@
-policy_module(hal, 1.14.4)
+policy_module(hal, 1.14.5)
 ########################################
 #
@@ -446,7 +446,7 @@ logging_search_logs(hald_keymap_t)
 # Dccm local policy
 #
-allow hald_dccm_t self:capability { chown net_bind_service };
+allow hald_dccm_t self:capability chown;
 allow hald_dccm_t self:process getsched;
 allow hald_dccm_t self:fifo_file rw_fifo_file_perms;
 allow hald_dccm_t self:tcp_socket create_stream_socket_perms;
diff --git a/iodine.te b/iodine.te
index 59cc378..94ec5f8 100644
--- a/iodine.te
+++ b/iodine.te
@@ -1,4 +1,4 @@
-policy_module(iodine, 1.0.1)
+policy_module(iodine, 1.0.2)
 ########################################
 #
@@ -17,7 +17,7 @@ init_script_file(iodined_initrc_exec_t)
 # Local policy
 #
-allow iodined_t self:capability { net_admin net_bind_service net_raw sys_chroot setgid setuid };
+allow iodined_t self:capability { net_admin net_raw sys_chroot setgid setuid };
 allow iodined_t self:rawip_socket create_socket_perms;
 allow iodined_t self:tun_socket create_socket_perms;
 allow iodined_t self:udp_socket connected_socket_perms;
diff --git a/kerberos.te b/kerberos.te
index 56ad247..3465a9a 100644
--- a/kerberos.te
+++ b/kerberos.te
@@ -1,4 +1,4 @@
-policy_module(kerberos, 1.11.6)
+policy_module(kerberos, 1.11.7)
 ########################################
 #
@@ -281,7 +281,6 @@ optional_policy(`
 # kpropd local policy
 #
-allow kpropd_t self:capability net_bind_service;
 allow kpropd_t self:process setfscreate;
 allow kpropd_t self:fifo_file rw_fifo_file_perms;
 allow kpropd_t self:unix_stream_socket { accept listen };
diff --git a/l2tp.te b/l2tp.te
index 3f572f8..19f2b97 100644
--- a/l2tp.te
+++ b/l2tp.te
@@ -1,4 +1,4 @@
-policy_module(l2tp, 1.0.4)
+policy_module(l2tp, 1.0.5)
 ########################################
 #
@@ -26,7 +26,7 @@ files_pid_file(l2tpd_var_run_t)
 # Local policy
 #
-allow l2tpd_t self:capability { net_admin net_bind_service };
+allow l2tpd_t self:capability net_admin;
 allow l2tpd_t self:process signal;
 allow l2tpd_t self:fifo_file rw_fifo_file_perms;
 allow l2tpd_t self:netlink_socket create_socket_perms;
diff --git a/lpd.te b/lpd.te
index c00926d..b9270f7 100644
--- a/lpd.te
+++ b/lpd.te
@@ -1,4 +1,4 @@
-policy_module(lpd, 1.13.4)
+policy_module(lpd, 1.13.5)
 ########################################
 #
@@ -126,7 +126,7 @@ optional_policy(`
 # Lpd local policy
 #
-allow lpd_t self:capability { setgid setuid net_bind_service dac_read_search dac_override chown fowner };
+allow lpd_t self:capability { setgid setuid dac_read_search dac_override chown fowner };
 dontaudit lpd_t self:capability sys_tty_config;
 allow lpd_t self:process signal_perms;
 allow lpd_t self:fifo_file rw_fifo_file_perms;
diff --git a/mysql.te b/mysql.te
index b1880c6..9f6179e 100644
--- a/mysql.te
+++ b/mysql.te
@@ -1,4 +1,4 @@
-policy_module(mysql, 1.13.4)
+policy_module(mysql, 1.13.5)
 ########################################
 #
@@ -62,7 +62,7 @@ files_pid_file(mysqlmanagerd_var_run_t)
 # Local policy
 #
-allow mysqld_t self:capability { dac_override ipc_lock setgid setuid sys_resource net_bind_service };
+allow mysqld_t self:capability { dac_override ipc_lock setgid setuid sys_resource };
 dontaudit mysqld_t self:capability sys_tty_config;
 allow mysqld_t self:process { setsched getsched setrlimit signal_perms rlimitinh };
 allow mysqld_t self:fifo_file rw_fifo_file_perms;
diff --git a/nagios.te b/nagios.te
index 76c17eb..44ad3b7 100644
--- a/nagios.te
+++ b/nagios.te
@@ -1,4 +1,4 @@
-policy_module(nagios, 1.12.2)
+policy_module(nagios, 1.12.3)
 ########################################
 #
@@ -357,7 +357,7 @@ storage_raw_read_fixed_disk(nagios_checkdisk_plugin_t)
 # Services local policy
 #
-allow nagios_services_plugin_t self:capability { net_bind_service net_raw };
+allow nagios_services_plugin_t self:capability net_raw;
 allow nagios_services_plugin_t self:process { signal sigkill };
 allow nagios_services_plugin_t self:tcp_socket { accept listen };
diff --git a/networkmanager.te b/networkmanager.te
index 9165561..0b48a30 100644
--- a/networkmanager.te
+++ b/networkmanager.te
@@ -1,4 +1,4 @@
-policy_module(networkmanager, 1.14.6)
+policy_module(networkmanager, 1.14.7)
 ########################################
 #
@@ -39,7 +39,7 @@ init_system_domain(wpa_cli_t, wpa_cli_exec_t)
 # Local policy
 #
-allow NetworkManager_t self:capability { chown fsetid kill setgid setuid sys_nice dac_override net_admin net_raw net_bind_service ipc_lock };
+allow NetworkManager_t self:capability { chown fsetid kill setgid setuid sys_nice dac_override net_admin net_raw ipc_lock };
 dontaudit NetworkManager_t self:capability { sys_tty_config sys_module sys_ptrace };
 allow NetworkManager_t self:process { ptrace getcap setcap setpgid getsched setsched signal_perms };
 allow NetworkManager_t self:fifo_file rw_fifo_file_perms;
diff --git a/openvpn.te b/openvpn.te
index 9cfb0cf..3270ff9 100644
--- a/openvpn.te
+++ b/openvpn.te
@@ -1,4 +1,4 @@
-policy_module(openvpn, 1.11.2)
+policy_module(openvpn, 1.11.3)
 ########################################
 #
@@ -43,7 +43,7 @@ files_pid_file(openvpn_var_run_t)
 # Local policy
 #
-allow openvpn_t self:capability { dac_read_search dac_override ipc_lock net_bind_service net_admin setgid setuid sys_chroot sys_tty_config sys_nice };
+allow openvpn_t self:capability { dac_read_search dac_override ipc_lock net_admin setgid setuid sys_chroot sys_tty_config sys_nice };
 allow openvpn_t self:process { signal getsched setsched };
 allow openvpn_t self:fifo_file rw_fifo_file_perms;
 allow openvpn_t self:unix_dgram_socket sendto;
diff --git a/postfix.te b/postfix.te
index d38afff..191a66f 100644
--- a/postfix.te
+++ b/postfix.te
@@ -1,4 +1,4 @@
-policy_module(postfix, 1.14.9)
+policy_module(postfix, 1.14.10)
 ########################################
 #
@@ -194,7 +194,7 @@ domain_use_interactive_fds(postfix_user_domains)
 # Master local policy
 #
-allow postfix_master_t self:capability { chown dac_override kill fowner setgid setuid net_bind_service sys_tty_config };
+allow postfix_master_t self:capability { chown dac_override kill fowner setgid setuid sys_tty_config };
 allow postfix_master_t self:capability2 block_suspend;
 allow postfix_master_t self:process setrlimit;
 allow postfix_master_t self:tcp_socket create_stream_socket_perms;
diff --git a/ricci.te b/ricci.te
index e026a9f..9702ed2 100644
--- a/ricci.te
+++ b/ricci.te
@@ -1,4 +1,4 @@
-policy_module(ricci, 1.7.3)
+policy_module(ricci, 1.7.4)
 ########################################
 #
@@ -198,7 +198,7 @@ optional_policy(`
 # Modcluster local policy
 #
-allow ricci_modcluster_t self:capability { net_bind_service sys_nice };
+allow ricci_modcluster_t self:capability sys_nice;
 allow ricci_modcluster_t self:process setsched;
 allow ricci_modcluster_t self:fifo_file rw_fifo_file_perms;
diff --git a/rpc.te b/rpc.te
index 7990cdc..e671240 100644
--- a/rpc.te
+++ b/rpc.te
@@ -1,4 +1,4 @@
-policy_module(rpc, 1.14.4)
+policy_module(rpc, 1.14.5)
 ########################################
 #
@@ -61,7 +61,6 @@ files_mountpoint(var_lib_nfs_t)
 #
 dontaudit rpc_domain self:capability { net_admin sys_tty_config };
-allow rpc_domain self:capability net_bind_service;
 allow rpc_domain self:process signal_perms;
 allow rpc_domain self:unix_stream_socket { accept listen };
 allow rpc_domain self:tcp_socket { accept listen };
diff --git a/sendmail.te b/sendmail.te
index 74858f5..5f35d78 100644
--- a/sendmail.te
+++ b/sendmail.te
@@ -1,4 +1,4 @@
-policy_module(sendmail, 1.11.4)
+policy_module(sendmail, 1.11.5)
 ########################################
 #
@@ -37,7 +37,7 @@ role sendmail_unconfined_roles types unconfined_sendmail_t;
 # Local policy
 #
-allow sendmail_t self:capability { dac_override setuid setgid net_bind_service sys_nice chown sys_tty_config };
+allow sendmail_t self:capability { dac_override setuid setgid sys_nice chown sys_tty_config };
 allow sendmail_t self:process { setsched setpgid setrlimit signal signull };
 allow sendmail_t self:fifo_file rw_fifo_file_perms;
 allow sendmail_t self:unix_stream_socket { accept listen };
diff --git a/uwimap.te b/uwimap.te
index d5e9d62..4e06a93 100644
--- a/uwimap.te
+++ b/uwimap.te
@@ -1,4 +1,4 @@
-policy_module(uwimap, 1.9.1)
+policy_module(uwimap, 1.9.2)
 ########################################
 #
@@ -20,7 +20,7 @@ files_pid_file(imapd_var_run_t)
 # Local policy
 #
-allow imapd_t self:capability { dac_override net_bind_service setgid setuid sys_resource };
+allow imapd_t self:capability { dac_override setgid setuid sys_resource };
 dontaudit imapd_t self:capability sys_tty_config;
 allow imapd_t self:process signal_perms;
 allow imapd_t self:fifo_file rw_fifo_file_perms;
diff --git a/virt.te b/virt.te
index 9207d96..8b88503 100644
--- a/virt.te
+++ b/virt.te
@@ -1,4 +1,4 @@
-policy_module(virt, 1.6.8)
+policy_module(virt, 1.6.9)
 ########################################
 #
@@ -1083,7 +1083,7 @@ optional_policy(`
 # Lxc net local policy
 #
-allow svirt_lxc_net_t self:capability { chown dac_read_search dac_override fowner fsetid net_raw net_admin net_bind_service sys_admin sys_nice sys_ptrace sys_resource setpcap };
+allow svirt_lxc_net_t self:capability { chown dac_read_search dac_override fowner fsetid net_raw net_admin sys_admin sys_nice sys_ptrace sys_resource setpcap };
 dontaudit svirt_lxc_net_t self:capability2 block_suspend;
 allow svirt_lxc_net_t self:process setrlimit;
 allow svirt_lxc_net_t self:tcp_socket { accept listen };
diff --git a/zarafa.te b/zarafa.te
index e12a990..a4479b1 100644
--- a/zarafa.te
+++ b/zarafa.te
@@ -1,4 +1,4 @@
-policy_module(zarafa, 1.1.3)
+policy_module(zarafa, 1.1.4)
 ########################################
 #
@@ -98,8 +98,6 @@ manage_lnk_files_pattern(zarafa_indexer_t, zarafa_var_lib_t, zarafa_var_lib_t)
 # Server local policy
 #
-allow zarafa_server_t self:capability net_bind_service;
-
 manage_dirs_pattern(zarafa_server_t, zarafa_server_tmp_t, zarafa_server_tmp_t)
 manage_files_pattern(zarafa_server_t, zarafa_server_tmp_t, zarafa_server_tmp_t)
 files_tmp_filetrans(zarafa_server_t, zarafa_server_tmp_t, { file dir })