diff --git a/crypto-policies.spec b/crypto-policies.spec
index a910c70..d2f5b70 100644
--- a/crypto-policies.spec
+++ b/crypto-policies.spec
@@ -1,5 +1,5 @@
-%global git_date 20180802
-%global git_commit_hash 1626592
+%global git_date 20180921
+%global git_commit_hash 391ed9f
 
 Name:           crypto-policies
 Version:        %{git_date}
@@ -26,13 +26,15 @@ BuildRequires: perl(File::pushd), perl(File::Temp), perl(File::Copy)
 BuildRequires: perl(File::Which)
 BuildRequires: python3
 
-# used by crypto-update-policies
+# used by update-crypto-policies
 Requires: coreutils
 Requires: grep
 Requires: sed
 Requires(post): coreutils
 Requires(post): grep
 Requires(post): sed
+# used by fips-mode-setup
+Requires: /usr/bin/grubby
 
 %description
 This package provides update-crypto-policies, which is a tool that sets
@@ -105,6 +107,14 @@ make check %{?_smp_mflags}
 %license COPYING.LESSER
 
 %changelog
+* Fri Sep 21 2018 Tomáš Mráz <tmraz@redhat.com> - 20180921-1.git391ed9f
+- OpenSSH: Generate policy for sign algorithms
+- Enable >= 255 bits EC curves in FUTURE policy
+- OpenSSH: Add group1 key exchanges in LEGACY policy
+- NSS: Add SHA224 to hash lists
+- Print warning when update-crypto-policies --set FIPS is used
+- fips-mode-setup: Kernel boot options are now modified with grubby
+
 * Thu Aug  2 2018 Tomáš Mráz <tmraz@redhat.com> - 20180802-1.git1626592
 - Introduce NEXT policy
 
diff --git a/sources b/sources
index 22a1fc5..10e1fae 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (crypto-policies-git1626592.tar.gz) = 0664982a558ac3d88924efd88a2b10db6b84f5a5b3693f823ee52666a257d3ec9628ab4edc59fbb31a9be7cab61946de57b241256fd70574e91ad4227a5ac8cb
+SHA512 (crypto-policies-git391ed9f.tar.gz) = eed9ec279e8f2229ad3a257e8ea1b9702607e6b087f8b6ab7dc19fb8867cc62b9b8ab030dd50940219f42c2186dbaaec961209c7db8daa76d0978108cedd0825