<?xml version="1.0" encoding="utf-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	>
<channel>
	<title>Comments on: SELinux and EPEL&#8217;s mod_fcgid on CentOS 5</title>
	<atom:link href="http://darkness.codefu.org/wordpress/2007/09/26/288/feed" rel="self" type="application/rss+xml" />
	<link>http://darkness.codefu.org/wordpress/2007/09/26/288</link>
	<description></description>
	<pubDate>Fri, 21 Nov 2008 12:45:17 +0000</pubDate>
	<generator>http://wordpress.org/?v=2.6.3</generator>
		<item>
		<title>By: Paul Howarth</title>
		<link>http://darkness.codefu.org/wordpress/2007/09/26/288#comment-42069</link>
		<dc:creator>Paul Howarth</dc:creator>
		<pubDate>Mon, 23 Jun 2008 13:58:10 +0000</pubDate>
		<guid isPermaLink="false">http://darkness.codefu.org/wordpress/2007/09/26/288#comment-42069</guid>
		<description>I'm the author of the mod_fcgid-selinux policy module.

The existing dontaudit rules in the apache policy are needed because httpd doesn't set close-on-exec for various file descriptors it has open before it calls out to CGI scripts etc. So those scripts inherit those file descriptors and could potentially mess with the files httpd has open.
As there is an SELinux domain transition here (e.g. httpd_t -&#62; httpd_sys_script_t) and the httpd_sys_script_t domain isn't allowed access to most of the files httpd has open, the kernel generates AVC denials at exec() time and closes the files in the child process. The dontaudit rules just prevent the logs getting cluttered with the resulting noise. It would of course be better to get httpd to set close-on-exec but upstream seems reluctant to do that.

Now as for the question of where to report the need for your allow rule, it definitely belongs in the core apache policy rather than the fastcgi module because it references only types from the httpd module. I suggest raising this on fedora-selinux-list, explaining under what circumstances you need this, and you'll probably get a helpful answer from Dan Walsh, the selinux-policy maintainer in Fedora.</description>
		<content:encoded><![CDATA[<p>I&#8217;m the author of the mod_fcgid-selinux policy module.</p>
<p>The existing dontaudit rules in the apache policy are needed because httpd doesn&#8217;t set close-on-exec for various file descriptors it has open before it calls out to CGI scripts etc. So those scripts inherit those file descriptors and could potentially mess with the files httpd has open.<br />
As there is an SELinux domain transition here (e.g. httpd_t -&gt; httpd_sys_script_t) and the httpd_sys_script_t domain isn&#8217;t allowed access to most of the files httpd has open, the kernel generates AVC denials at exec() time and closes the files in the child process. The dontaudit rules just prevent the logs getting cluttered with the resulting noise. It would of course be better to get httpd to set close-on-exec but upstream seems reluctant to do that.</p>
<p>Now as for the question of where to report the need for your allow rule, it definitely belongs in the core apache policy rather than the fastcgi module because it references only types from the httpd module. I suggest raising this on fedora-selinux-list, explaining under what circumstances you need this, and you&#8217;ll probably get a helpful answer from Dan Walsh, the selinux-policy maintainer in Fedora.</p>
]]></content:encoded>
	</item>
</channel>
</rss>
