That's what I figured but I would argue that bug fixes to *Security* 
Enhanced Linux should go into sl-security, which the FAQ appears to 
agree with:

"This repo also contains the latest ‘tzdata’ and ‘selinux-policy’ to 
ensure fixes to these package help protect your system security."

On 02/21/2017 10:56 AM, Mark Stodola wrote:
> On 02/21/2017 10:27 AM, Brian Lin wrote:
>> Hi,
>>
>> According to the FAQ
>> <https://www.scientificlinux.org/documentation/faq/faq-updates/>, the
>> latest 'selinux-policy' is supposed to reside in the security repository
>> but there appear to be newer versions of the package in fastbugs. This
>> has caused some heartache for our users that run with fastbugs disabled.
>> Why are there 'selinux-policy' packages in fastbugs and can this be 
>> fixed?
>>
>> Thanks,
>> Brian
>
> I believe it is because the package in fastbugs is categorized by TUV 
> as a bug fix advisory and not a security advisory...
>
> https://rhn.redhat.com/errata/RHBA-2017-0084.html
>
> The changes fix brokenness, but not security vulnerabilities.