CVE-2016-7097 causes acl leak
From: Mark Salyzyn
Date: Mon Dec 05 2016 - 12:16:40 EST
Commit 073931017b49d9458aa351605b43a7e34598caef has several occurrences
of an acl leak.
posix_acl_update_mode(inose, &mode, &acl);
. . .
posix_acl_release(acl);
acl is NULLed in posix_acl_update_mode to signal caller to not update
the acl; but because it is nulled, it is never released.
Sincerely -- Mark Salyzyn