diff --git a/fix-compiler-warnings.diff b/fix-compiler-warnings.diff
deleted file mode 100644
index 7c817de..0000000
--- a/fix-compiler-warnings.diff
+++ /dev/null
@@ -1,41 +0,0 @@
---- modules/pam_unix/pam_unix_acct.c
-+++ modules/pam_unix/pam_unix_acct.c	2013/09/12 07:19:05
-@@ -121,7 +121,12 @@
-     if (geteuid() == 0) {
-       /* must set the real uid to 0 so the helper will not error
-          out if pam is called from setuid binary (su, sudo...) */
--      setuid(0);
-+      if (setuid(0) == -1) {
-+          pam_syslog(pamh, LOG_ERR, "setuid failed: %m");
-+          printf("-1\n");
-+          fflush(stdout);
-+          _exit(PAM_AUTHINFO_UNAVAIL);
-+      }
-     }
- 
-     /* exec binary helper */
---- modules/pam_unix/pam_unix_passwd.c
-+++ modules/pam_unix/pam_unix_passwd.c	2013/09/12 07:24:40
-@@ -255,7 +255,7 @@
- 	close(fds[0]);       /* close here to avoid possible SIGPIPE above */
- 	close(fds[1]);
- 	/* wait for helper to complete: */
--	while ((rc=waitpid(child, &retval, 0) < 0 && errno == EINTR);
-+	while ((rc=waitpid(child, &retval, 0) < 0) && errno == EINTR);
- 	if (rc<0) {
- 	  pam_syslog(pamh, LOG_ERR, "unix_update waitpid failed: %m");
- 	  retval = PAM_AUTHTOK_ERR;
---- modules/pam_unix/support.c
-+++ modules/pam_unix/support.c	2013/09/12 07:20:51
-@@ -586,7 +586,10 @@
- 	if (geteuid() == 0) {
-           /* must set the real uid to 0 so the helper will not error
- 	     out if pam is called from setuid binary (su, sudo...) */
--	  setuid(0);
-+	  if (setuid(0) == -1) {
-+             D(("setuid failed"));
-+	     _exit(PAM_AUTHINFO_UNAVAIL);
-+          }
- 	}
- 
- 	/* exec binary helper */
diff --git a/git-20130916.diff b/git-20130916.diff
new file mode 100644
index 0000000..62efb2c
--- /dev/null
+++ b/git-20130916.diff
@@ -0,0 +1,56 @@
+diff --git a/modules/pam_unix/pam_unix_acct.c b/modules/pam_unix/pam_unix_acct.c
+index 865dc29..8ec4449 100644
+--- a/modules/pam_unix/pam_unix_acct.c
++++ b/modules/pam_unix/pam_unix_acct.c
+@@ -121,7 +121,12 @@ int _unix_run_verify_binary(pam_handle_t *pamh, unsigned int ctrl,
+     if (geteuid() == 0) {
+       /* must set the real uid to 0 so the helper will not error
+          out if pam is called from setuid binary (su, sudo...) */
+-      setuid(0);
++      if (setuid(0) == -1) {
++          pam_syslog(pamh, LOG_ERR, "setuid failed: %m");
++          printf("-1\n");
++          fflush(stdout);
++          _exit(PAM_AUTHINFO_UNAVAIL);
++      }
+     }
+ 
+     /* exec binary helper */
+diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
+index 9bc1cd9..9aae3b0 100644
+--- a/modules/pam_unix/pam_unix_passwd.c
++++ b/modules/pam_unix/pam_unix_passwd.c
+@@ -255,7 +255,7 @@ static int _unix_run_update_binary(pam_handle_t *pamh, unsigned int ctrl, const
+ 	close(fds[0]);       /* close here to avoid possible SIGPIPE above */
+ 	close(fds[1]);
+ 	/* wait for helper to complete: */
+-	while ((rc=waitpid(child, &retval, 0) < 0 && errno == EINTR);
++	while ((rc=waitpid(child, &retval, 0)) < 0 && errno == EINTR);
+ 	if (rc<0) {
+ 	  pam_syslog(pamh, LOG_ERR, "unix_update waitpid failed: %m");
+ 	  retval = PAM_AUTHTOK_ERR;
+diff --git a/modules/pam_unix/support.c b/modules/pam_unix/support.c
+index d8f4a6f..19d72e6 100644
+--- a/modules/pam_unix/support.c
++++ b/modules/pam_unix/support.c
+@@ -176,7 +176,7 @@ int _set_ctrl(pam_handle_t *pamh, int flags, int *remember, int *rounds,
+ 	  free (val);
+ 
+ 	  /* read number of rounds for crypt algo */
+-	  if (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl)) {
++	  if (rounds && (on(UNIX_SHA256_PASS, ctrl) || on(UNIX_SHA512_PASS, ctrl))) {
+ 	    val=search_key ("SHA_CRYPT_MAX_ROUNDS", LOGIN_DEFS);
+ 
+ 	    if (val) {
+@@ -586,7 +586,10 @@ static int _unix_run_helper_binary(pam_handle_t *pamh, const char *passwd,
+ 	if (geteuid() == 0) {
+           /* must set the real uid to 0 so the helper will not error
+ 	     out if pam is called from setuid binary (su, sudo...) */
+-	  setuid(0);
++	  if (setuid(0) == -1) {
++             D(("setuid failed"));
++	     _exit(PAM_AUTHINFO_UNAVAIL);
++          }
+ 	}
+ 
+ 	/* exec binary helper */
diff --git a/pam.changes b/pam.changes
index d01ccbe..847d710 100644
--- a/pam.changes
+++ b/pam.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Mon Sep 16 11:54:15 CEST 2013 - kukuk@suse.de
+
+- Replace fix-compiler-warnings.diff with current git snapshot
+  (git-20130916.diff) for pam_unix.so:
+  - fix glibc warnings
+  - fix syntax error in SELinux code
+  - fix crash at login
+
 -------------------------------------------------------------------
 Thu Sep 12 10:05:53 CEST 2013 - kukuk@suse.de
 
diff --git a/pam.spec b/pam.spec
index 23ea606..c670f8a 100644
--- a/pam.spec
+++ b/pam.spec
@@ -53,7 +53,7 @@ Source7:        common-session.pamd
 Source8:        etc.environment
 Source9:        baselibs.conf
 Patch0:         pam_tally-deprecated.diff
-Patch1:         fix-compiler-warnings.diff
+Patch1:         git-20130916.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -98,7 +98,7 @@ building both PAM-aware applications and modules for use with PAM.
 %prep
 %setup -q -n Linux-PAM-%{version} -b 1
 %patch0 -p0
-%patch1 -p0
+%patch1 -p1
 
 %build
 export CFLAGS="%optflags -DNDEBUG"