diff --git a/crypto-policies-git8b8e5af.tar.gz b/crypto-policies-git8b8e5af.tar.gz
deleted file mode 100644
index ec38a80759d0295c9e4028d9edecde71cfe2a726..0000000000000000000000000000000000000000
Binary files a/crypto-policies-git8b8e5af.tar.gz and /dev/null differ
diff --git a/crypto-policies-gita4c31a3.tar.gz b/crypto-policies-gita4c31a3.tar.gz
new file mode 100644
index 0000000000000000000000000000000000000000..a1d90fe8dd69a4e7fa0ccf84dc5b0ebb9f7ed026
Binary files /dev/null and b/crypto-policies-gita4c31a3.tar.gz differ
diff --git a/crypto-policies.spec b/crypto-policies.spec
index 2f4d4e6f53f1b4d62b47cd211976938e5a63b909..3efd4986f561eb03ed8402bcca3519b74ecc94c1 100644
--- a/crypto-policies.spec
+++ b/crypto-policies.spec
@@ -1,14 +1,16 @@
-%define anolis_release 2
-%global git_date 20220314
-%global git_commit 8b8e5af4e37cd7d3b12396cd2a2f7487a700680f
+%define anolis_release 1
+%global git_date 20221215
+%global git_commit a4c31a34711325447363d87ba9fec5bb5535903a
 %{?git_commit:%global git_commit_hash %(c=%{git_commit}; echo ${c:0:7})}
 
+%global _python_bytecompile_extra 0
+
 Name:           crypto-policies
 Version:        %{git_date}
 Release:        %{anolis_release}%{?dist}
 Summary:        System-wide crypto policies
 
-License:        LGPLv2+
+License:        LGPLv2.1+
 URL:            https://gitlab.com/redhat-crypto/fedora-crypto-policies
 Source0:        https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/archive/%{git_commit_hash}/%{name}-git%{git_commit_hash}.tar.gz
 
@@ -17,7 +19,7 @@ BuildRequires: asciidoc
 BuildRequires: libxslt
 BuildRequires: openssl
 BuildRequires: gnutls-utils >= 3.6.0
-BuildRequires: java-1.8.0-openjdk-devel
+BuildRequires: java-1.8.0-alibaba-dragonwell-devel
 BuildRequires: bind
 BuildRequires: perl-interpreter
 BuildRequires: perl-generators
@@ -30,6 +32,17 @@ BuildRequires: python3-flake8
 BuildRequires: python3-coverage
 BuildRequires: codespell
 BuildRequires: make
+BuildRequires: krb5-devel
+BuildRequires: openssh-clients
+BuildRequires: openssh-server
+	
+Conflicts: openssl-libs < 3.0.2-2
+Conflicts: nss < 3.44.0
+Conflicts: libreswan < 3.28
+Conflicts: openssh < 8.7p1
+Conflicts: gnutls < 3.7.3
+
+Recommends: crypto-policies-scripts
 
 %description
 This package provides pre-built configuration files with
@@ -54,12 +67,22 @@ defined in simple policy definition files.
 The package also provides a tool fips-mode-setup, which can be used
 to enable or disable the system FIPS mode.
 
+%package doc
+Summary:        Documentation files for %{name}
+Requires:       %{name} = %{version}-%{release}
+BuildArch:      noarch
+
+%description    doc
+The %{name}-doc package contains documentation files for %{name}.
+
 %prep
-%setup -q -n fedora-crypto-policies-%{git_commit}
+%setup -q -n fedora-crypto-policies-%{git_commit_hash}-%{git_commit}
 %autopatch -p1
 
 
 %build
+sed -i "s/MIN_RSA_DEFAULT = .*/MIN_RSA_DEFAULT = 'RequiredRSASize'/" \
+    python/policygenerators/openssh.py
 %make_build
 
 %install
@@ -79,6 +102,9 @@ touch %{buildroot}%{_sysconfdir}/crypto-policies/state/CURRENT.pol
 
 rm -rf %{buildroot}%{_datarootdir}/crypto-policies/GOST-ONLY
 
+rm -rf %{buildroot}%{_datarootdir}/crypto-policies/*FEDORA*
+
+
 for d in LEGACY DEFAULT FUTURE FIPS ; do
     mkdir -p -m 755 %{buildroot}%{_datarootdir}/crypto-policies/back-ends/$d
     for f in %{buildroot}%{_datarootdir}/crypto-policies/$d/* ; do
@@ -134,6 +160,7 @@ end
 
 
 %files
+%license COPYING.LESSER
 %dir %{_sysconfdir}/crypto-policies/
 %dir %{_sysconfdir}/crypto-policies/back-ends/
 %dir %{_sysconfdir}/crypto-policies/state/
@@ -141,9 +168,7 @@ end
 %dir %{_sysconfdir}/crypto-policies/policies/
 %dir %{_sysconfdir}/crypto-policies/policies/modules/
 %dir %{_datarootdir}/crypto-policies/
-
 %ghost %config(missingok,noreplace) %{_sysconfdir}/crypto-policies/config
-
 %ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/gnutls.config
 %ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/openssl.config
 %ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/opensslcnf.config
@@ -156,6 +181,9 @@ end
 %ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/krb5.config
 %ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/libreswan.config
 %ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/libssh.config
+%ghost %config(missingok,noreplace) %verify(not mode) %{_sysconfdir}/crypto-policies/back-ends/sequoia.config
+# %verify(not mode) comes from the fact
+# these turn into symlinks and back to regular files at will, see bz1898986
 
 %ghost %{_sysconfdir}/crypto-policies/state/current
 %ghost %{_sysconfdir}/crypto-policies/state/CURRENT.pol
@@ -171,10 +199,6 @@ end
 %{_datarootdir}/crypto-policies/reload-cmds.sh
 %{_datarootdir}/crypto-policies/policies
 
-%license COPYING.LESSER
-
-
-%license COPYING.LESSER
 
 %files scripts
 %dir %{abidir}
@@ -182,14 +206,18 @@ end
 %{abidir}/update-crypto-policies-option.list
 %{_mandir}/man8/update-crypto-policies.8*
 %{_datarootdir}/crypto-policies/python
-
 %{_bindir}/fips-mode-setup
 %{_bindir}/fips-finish-install
 %{_mandir}/man8/fips-mode-setup.8*
 %{_mandir}/man8/fips-finish-install.8*
 
+%files doc
+%doc NEWS README.md CONTRIBUTING.md  
 
 %changelog
+* Thu Feb 02 2023 happy_orange <songnannan@linux.alibaba.com> - 20221215-1
+- update to 20221215
+
 * Tue Nov 01 2022 mgb01105731 <mgb01105731@alibaba-inc.com> - 20220314-2
 - optimise spec file