diff --git a/SOURCES/acl-2.2.52-setfacl-man-page.patch b/SOURCES/acl-2.2.52-setfacl-man-page.patch
new file mode 100644
index 0000000..f86f9ee
--- /dev/null
+++ b/SOURCES/acl-2.2.52-setfacl-man-page.patch
@@ -0,0 +1,60 @@
+From ecee95a94420d6b0336d4caec6bc66b53442367b Mon Sep 17 00:00:00 2001
+From: Kamil Dudka <kdudka@redhat.com>
+Date: Thu, 19 May 2016 10:28:13 +0200
+Subject: [PATCH] setfacl.1: document the meaning of '-' in perms
+
+[agruen: Description further clarified.]
+
+Upstream-commit: ea3c6bb711e76d91759f8bf5475e1900362a3142
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ man/man1/setfacl.1 | 28 +++++++++++++++++++++-------
+ 1 file changed, 21 insertions(+), 7 deletions(-)
+
+diff --git a/man/man1/setfacl.1 b/man/man1/setfacl.1
+index 0c7c046..e092e51 100644
+--- a/man/man1/setfacl.1
++++ b/man/man1/setfacl.1
+@@ -194,18 +194,32 @@ you can specify either a name or a number.
+ .PP
+ The
+ .I perms
+-field is a combination of characters that indicate the permissions: read
++field is a combination of characters that indicate the read
+ .IR (r) ,
+ write
+ .IR (w) ,
+ execute
+-.IR (x) ,
+-execute only if the file is a directory or already has execute permission
+-for some user
+-.IR (X) .
+-Alternatively, the
++.IR (x)
++permissions.  Dash characters in the
+ .I perms
+-field can be an octal digit (0\-7).
++field
++.IR (\-)
++are ignored.  The character
++.I X
++stands for the execute permission if the file is a directory or already has
++execute permission for some user.  Alternatively, the
++.I perms
++field can define the permissions numerically, as a bit-wise combination of read
++.IR (4) ,
++write
++.IR (2) ,
++and execute
++.IR (1) .
++Zero
++.I perms
++fields or
++.I perms
++fields that only consist of dashes indicate no permissions.
+ .PP
+ .SS AUTOMATICALLY CREATED ENTRIES
+ Initially, files and directories contain only the three base ACL entries
+-- 
+2.5.5
+
diff --git a/SOURCES/acl-2.2.52-setfacl-restore-initialize.patch b/SOURCES/acl-2.2.52-setfacl-restore-initialize.patch
new file mode 100644
index 0000000..2a6dd43
--- /dev/null
+++ b/SOURCES/acl-2.2.52-setfacl-restore-initialize.patch
@@ -0,0 +1,40 @@
+From eb123384d1e4001b62a578ec1df53aa23016aed3 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruenba@redhat.com>
+Date: Fri, 17 Mar 2017 10:17:01 +0100
+Subject: [PATCH] setfacl --restore: Silence valgrind
+
+Valgrind complains that setfacl --restore triggers uninitialized memory
+accesses to cmd->c_tag and cmd->c_perm of CMD_REMOVE_ACL commands in
+do_set (http://savannah.nongnu.org/bugs/?50566).  In this case, the
+uninitialized memory accesses have no effect.  Silence valgrind by
+initializing cmd->c_tag and cmd->c_perm anyway.
+
+Upstream-commit: 33f01b5d5bd98fceee0ba46cdbddb60b36fc650e
+Signed-off-by: Kamil Dudka <kdudka@redhat.com>
+---
+ setfacl/sequence.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/setfacl/sequence.c b/setfacl/sequence.c
+index a418b23..5ed182e 100644
+--- a/setfacl/sequence.c
++++ b/setfacl/sequence.c
+@@ -29,7 +29,14 @@ cmd_t
+ cmd_init(
+ 	void)
+ {
+-	return (cmd_t)malloc(sizeof(struct cmd_obj));
++	cmd_t cmd;
++
++	cmd = malloc(sizeof(struct cmd_obj));
++	if (cmd) {
++		cmd->c_tag = ACL_UNDEFINED_TAG;
++		cmd->c_perm = 0;
++	}
++	return cmd;
+ }
+ 
+ 
+-- 
+2.9.4
+
diff --git a/SPECS/acl.spec b/SPECS/acl.spec
index 3eab8d6..36af094 100644
--- a/SPECS/acl.spec
+++ b/SPECS/acl.spec
@@ -1,7 +1,7 @@
 Summary: Access control list utilities
 Name: acl
 Version: 2.2.51
-Release: 12%{?dist}
+Release: 14%{?dist}
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 BuildRequires: gawk
 BuildRequires: gettext
@@ -20,6 +20,12 @@ Patch6: acl-2.2.49-bz675451.patch
 # fix SIGSEGV of getfacl -e on overly long group name
 Patch7: acl-2.2.51-getfacl-segv.patch
 
+# setfacl.1: document the meaning of '-' in perms (#1337039)
+Patch8: acl-2.2.52-setfacl-man-page.patch
+
+# fix spurious acl_check() failure on setfacl --restore (#1451820)
+Patch9: acl-2.2.52-setfacl-restore-initialize.patch
+
 License: GPLv2+
 Group: System Environment/Base
 URL: http://acl.bestbits.at/
@@ -58,6 +64,8 @@ defined in POSIX 1003.1e draft standard 17.
 %patch4 -p1
 %patch6 -p1
 %patch7 -p1
+%patch8 -p1
+%patch9 -p1
 
 %build
 touch .census
@@ -74,6 +82,11 @@ make %{?_smp_mflags} LIBTOOL="libtool --tag=CC"
 if ./setfacl/setfacl -m u:`id -u`:rwx .; then
     make tests || exit $?
     if test 0 = `id -u`; then
+        # test/root/permissions.test requires the 'daemon' user to be a member
+        # of the 'bin' group in order not to fail.  Prevent the test from
+        # running if we detect that its requirements are not met (#1085389).
+        id -nG daemon | grep bin >/dev/null || rm -f test/root/permissions.test
+
         make root-tests || exit $?
     fi
 else
@@ -120,6 +133,13 @@ chmod 0755 $RPM_BUILD_ROOT/%{_libdir}/libacl.so.*.*.*
 %{_libdir}/libacl.so.*
 
 %changelog
+* Thu May 18 2017 Kamil Dudka <dkdudka@redhat.com> - 2.2.51-14
+- fix spurious acl_check() failure on setfacl --restore (#1451820)
+
+* Thu May 19 2016 Kamil Dudka <dkdudka@redhat.com> - 2.2.51-13
+- avoid failure of %%check when building as root (#1085389)
+- setfacl.1: document the meaning of '-' in perms (#1337039)
+
 * Tue Jan 28 2014 Daniel Mach <dmach@redhat.com> - 2.2.51-12
 - Mass rebuild 2014-01-24