- Fix two LD_AUDIT security vulnerabilities: spurious $ORIGIN expansion
and missing setuid library check when running as setuid [bnc#646960]

- Fix spurious mapping from lowercase sharp s to uppercase sharp S
which is less standard and causes problems for ISO encodings [bnc#541773]
- Fix integer overflow in ld.so --verify code [bnc#592941]
- Fix addmntent() allowing /etc/mtab corruption by newlines [bnc#594263]
- Fix integer overflow in strfmon() for a crafted format string [bnc#375315]
- Fix stack unwinding past glibc _fini function (proper showing of
destructor backtraces) [bnc#585879]
- Introduce support for shadow database based on NIS passwd.adjunct
[bnc#569091]
- Fix missing hconf setup in nscd - this meant `multi on` in
/etc/host.conf was ignored when nscd was used, breaking e.g.
resolving of multi-AF records in /etc/hosts [bnc#572188]

- Fix errorneous instruction width in power6 memcpy(), memset() [bnc#615556]

- Fix statfs64() on IA64 in 32-bit mode ia32el [bnc#534828]

- Add delimiter in front of external additions to locale/gconv lists.

- Add 623 and 664 to /etc/bindresvport.blacklist to fix problems with
port conflict on some IPMI network cards [bnc#513961]

- Allow external additions to /usr/share/locale/locale.alias and
/usr/lib/gconv/gconv-modules, required for the SAP-locales package.
[bnc#445636]

- Fix a range of problems with the hsearch(), hsearch_r() functions [bnc#538067]

- Fix timer_delete() race condition [bnc#537351]