diff --git a/components/engine/vendor.conf b/components/engine/vendor.conf
index c3c551eb00..f5a6002d56 100644
--- a/components/engine/vendor.conf
+++ b/components/engine/vendor.conf
@@ -143,7 +143,7 @@ github.com/Nvveen/Gotty a8b993ba6abdb0e0c12b0125c603323a71c7790c https://github.
 # metrics
 github.com/docker/go-metrics d466d4f6fd960e01820085bd7e1a24426ee7ef18
 
-github.com/opencontainers/selinux v1.0.0-rc1
+github.com/opencontainers/selinux b29023b86e4a69d1b46b7e7b4e2b6fda03f0b9cd
 
 # archive/tar
 # mkdir -p ./vendor/archive
diff --git a/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go b/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go
index 569dcf0841..c008a387bf 100644
--- a/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go
+++ b/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/label/label_selinux.go
@@ -49,8 +49,10 @@ func InitLabels(options []string) (string, string, error) {
 				mcon[con[0]] = con[1]
 			}
 		}
+		_ = ReleaseLabel(processLabel)
 		processLabel = pcon.Get()
 		mountLabel = mcon.Get()
+		_ = ReserveLabel(processLabel)
 	}
 	return processLabel, mountLabel, nil
 }
diff --git a/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go b/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go
index 4cf2c45de7..de9316c2e2 100644
--- a/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go
+++ b/components/engine/vendor/github.com/opencontainers/selinux/go-selinux/selinux.go
@@ -213,7 +213,7 @@ func SetFileLabel(path string, label string) error {
 	return lsetxattr(path, xattrNameSelinux, []byte(label), 0)
 }
 
-// Filecon returns the SELinux label for this path or returns an error.
+// FileLabel returns the SELinux label for this path or returns an error.
 func FileLabel(path string) (string, error) {
 	label, err := lgetxattr(path, xattrNameSelinux)
 	if err != nil {
@@ -331,7 +331,7 @@ func EnforceMode() int {
 }
 
 /*
-SetEnforce sets the current SELinux mode Enforcing, Permissive.
+SetEnforceMode sets the current SELinux mode Enforcing, Permissive.
 Disabled is not valid, since this needs to be set at boot time.
 */
 func SetEnforceMode(mode int) error {