diff --git a/apparmor.d/abstractions/app-open b/apparmor.d/abstractions/app-open
index c7d2a86c8..59724f019 100644
--- a/apparmor.d/abstractions/app-open
+++ b/apparmor.d/abstractions/app-open
@@ -39,7 +39,7 @@
 @{bin}/extension-manager Px,
 @{bin}/filezilla Px,
 @{bin}/flameshot Px,
- @{bin}/gimp{,3} Px,
+ @{bin}/gimp{,-3.0} Px,
 @{bin}/gnome-calculator Px,
 @{bin}/gnome-disk-image-mounter Px,
 @{bin}/gnome-disks Px,
diff --git a/apparmor.d/abstractions/app/firefox b/apparmor.d/abstractions/app/firefox
index 5e3bc15cb..1dd15f9d8 100644
--- a/apparmor.d/abstractions/app/firefox
+++ b/apparmor.d/abstractions/app/firefox
@@ -99,7 +99,8 @@
 owner @{tmp}/@{name}/* rwk,
 owner @{tmp}/firefox/ rw,
 owner @{tmp}/firefox/* rwk,
- owner @{tmp}/remote-settings-startup-bundle- w,
+ owner @{tmp}/remote-settings-startup-bundle- rw,
+ owner @{tmp}/remote-settings-startup-bundle-.tmp rw,
 owner @{tmp}/Temp-@{uuid}/ rw,
 owner @{tmp}/Temp-@{uuid}/* rwk,
 owner @{tmp}/tmp-*.xpi rw,
diff --git a/apparmor.d/abstractions/bus-session b/apparmor.d/abstractions/bus-session
index 38d39a489..a1226d8e7 100644
--- a/apparmor.d/abstractions/bus-session
+++ b/apparmor.d/abstractions/bus-session
@@ -6,7 +6,7 @@
 unix bind type=stream addr=@@{udbus}/bus/@{profile_name}/session,
- dbus send bus=session path=/org/freedesktop/DBus
+ dbus send bus=session path=/org/freedesktop/{dbus,DBus}
 interface=org.freedesktop.DBus
 member={Hello,AddMatch,RemoveMatch,GetNameOwner,NameHasOwner,StartServiceByName}
 peer=(name=org.freedesktop.DBus, label="@{p_dbus_session}"),
diff --git a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager
index 0f188e05a..78f0de9de 100644
--- a/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager
+++ b/apparmor.d/abstractions/bus/org.freedesktop.NetworkManager
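Review bot: Nothing in the bus-session hunk records which client addresses the bus driver at the lowercase path, so the widened alternation on the `dbus send bus=session path=/org/freedesktop/{dbus,DBus}` line has no stated reason. This abstraction is shared by the profiles that include it, so a one-line comment above the rule, for example `# Some clients address the bus driver as /org/freedesktop/dbus (lowercase)`, would let a later audit decide whether the extra path can be dropped again. The peer name and label still restrict the destination, so the added exposure looks small. If the system-bus abstraction carries the same rule (not visible in this diff), it presumably needs the same alternation to stay consistent.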
@@ -8,7 +8,7 @@ dbus send bus=system path=/org/freedesktop interface=org.freedesktop.DBus.ObjectManager - member=GetManagedObjects + member={GetManagedObjects,InterfacesRemoved} peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager), dbus send bus=system path=/org/freedesktop/NetworkManager @@ -51,6 +51,11 @@ member=Updated peer=(name="{@{busname},org.freedesktop.NetworkManager}", label=NetworkManager), + dbus receive bus=system path=/org/freedesktop/NetworkManager/ActiveConnection/@{int} + interface=org.freedesktop.NetworkManager.Connection.Active + member=StateChanged + peer=(name=@{busname}, label=NetworkManager), + include if exists # vim:syntax=apparmor diff --git a/apparmor.d/abstractions/disks-read b/apparmor.d/abstractions/disks-read index 62e24b70d..e1bf31298 100644 --- a/apparmor.d/abstractions/disks-read +++ b/apparmor.d/abstractions/disks-read @@ -44,6 +44,12 @@ @{sys}/devices/virtual/block/loop@{int}/ r, @{sys}/devices/virtual/block/loop@{int}/** r, + # Xen PVH devices + @{sys}/devices/vbd-@{int}/block/** r, + + # Channel subsystem for IBM Z + @{sys}/devices/css@{int}/** r, + # LUKS/LVM (device-mapper) devices /dev/dm-@{int} rk, /dev/mapper/{,*} r,
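Review bot: `InterfacesRemoved` is added to a `dbus send` rule in the first NetworkManager hunk, but in `org.freedesktop.DBus.ObjectManager` it is a signal emitted by the object manager, so a client including this abstraction would normally receive it from NetworkManager rather than send it. As written, `member={GetManagedObjects,InterfacesRemoved}` lets every including profile emit that signal toward the NetworkManager label and may still leave reception denied. If the denial behind this change was on the receive side (not visible here), keep `member=GetManagedObjects` on the send rule and add a separate `dbus receive` rule for `member=InterfacesRemoved` on the same path and interface.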
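Review bot: The new `StateChanged` receive rule in the second NetworkManager hunk writes its peer as `peer=(name=@{busname}, label=NetworkManager)`, while the rule just above it in the same hunk uses the quoted form `name="{@{busname},org.freedesktop.NetworkManager}"`. Restricting a signal's sender to a unique bus name is reasonable, but the difference reads as accidental without a comment. Either quote it as `name="@{busname}"` to match the file's style, or add a short comment saying the well-known name is left out on purpose for received signals.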
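Review bot: The IBM Z rule `@{sys}/devices/css@{int}/** r,` in the disks-read hunk grants read access to the whole channel-subsystem subtree, while the Xen rule added just above it is scoped to `/block/**`. On s390 the css tree also holds channel devices that are not disks, so every profile that includes disks-read gains sysfs visibility beyond block devices. If only the disk nodes are needed, narrow it to something like `@{sys}/devices/css@{int}/**/block/** r,` plus the specific parent directories that were denied. The denials that motivated the rule are not visible in this diff, so the exact set of paths needs checking against them.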