diff --git a/gen-tempname-randomness.patch b/gen-tempname-randomness.patch
new file mode 100644
index 0000000..11c4029
--- /dev/null
+++ b/gen-tempname-randomness.patch
@@ -0,0 +1,28 @@
+From 5f62cf88c4530c11904482775b7582bd7f6d80d2 Mon Sep 17 00:00:00 2001
+From: Andreas Schwab <schwab@suse.de>
+Date: Wed, 25 Sep 2024 11:49:30 +0200
+Subject: [PATCH] Fix missing randomness in __gen_tempname (bug 32214)
+
+Make sure to update the random value also if getrandom fails.
+
+Fixes: 686d542025 ("posix: Sync tempname with gnulib")
+---
+ sysdeps/posix/tempname.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/sysdeps/posix/tempname.c b/sysdeps/posix/tempname.c
+index c00fe0c181..fc30958a0c 100644
+--- a/sysdeps/posix/tempname.c
++++ b/sysdeps/posix/tempname.c
+@@ -117,6 +117,8 @@ random_bits (random_value *r, random_value s)
+      succeed.  */
+ #if !_LIBC
+   *r = mix_random_values (v, clock ());
++#else
++  *r = v;
+ #endif
+   return false;
+ }
+-- 
+2.46.2
+
diff --git a/glibc-2.3.90-langpackdir.diff b/glibc-2.3.90-langpackdir.diff
deleted file mode 100644
index 5cb7dab..0000000
--- a/glibc-2.3.90-langpackdir.diff
+++ /dev/null
@@ -1,33 +0,0 @@
-Index: glibc-2.38/intl/loadmsgcat.c
-===================================================================
---- glibc-2.38.orig/intl/loadmsgcat.c
-+++ glibc-2.38/intl/loadmsgcat.c
-@@ -796,8 +796,26 @@ _nl_load_domain (struct loaded_l10nfile
-   if (domain_file->filename == NULL)
-     goto out;
- 
--  /* Try to open the addressed file.  */
--  fd = open (domain_file->filename, O_RDONLY | O_BINARY);
-+  /* Replace /locale/ with /usr/share/locale-langpack/ */
-+  const char *langpackdir = "/usr/share/locale-langpack/";
-+  char *filename_langpack = malloc (strlen (domain_file->filename)
-+				    + strlen (langpackdir));
-+  if (filename_langpack != NULL)
-+    {
-+      char *p = strstr (domain_file->filename, "/locale/");
-+      if (p != NULL)
-+	{
-+	  strcpy (__stpcpy (filename_langpack, langpackdir), p + 8);
-+	  fd = open (filename_langpack, O_RDONLY | O_BINARY);
-+	}
-+
-+      free (filename_langpack);
-+    }
-+
-+  if (fd == -1)
-+    /* Try to open the addressed file.  */
-+    fd = open (domain_file->filename, O_RDONLY | O_BINARY);
-+
-   if (fd == -1)
-     goto out;
- 
diff --git a/glibc.changes b/glibc.changes
index b4863c9..c8bdfb2 100644
--- a/glibc.changes
+++ b/glibc.changes
@@ -1,3 +1,19 @@
+-------------------------------------------------------------------
+Mon Sep 30 20:56:18 UTC 2024 - Stanislav Brabec <sbrabec@suse.com>
+
+- langpacks are no more used. Drop glibc-2.3.90-langpackdir.diff.
+
+-------------------------------------------------------------------
+Thu Sep 26 11:45:57 UTC 2024 - Andreas Schwab <schwab@suse.de>
+
+- gen-tempname-randomness.patch: Fix missing randomness in __gen_tempname
+  (bsc#1230965, BZ #32214)
+
+-------------------------------------------------------------------
+Wed Sep 18 15:11:48 UTC 2024 - Andreas Schwab <schwab@suse.de>
+
+- Use nss-systemd by default also in SLE (bsc#1230638)
+
 -------------------------------------------------------------------
 Mon Jul 29 07:50:31 UTC 2024 - Andreas Schwab <schwab@suse.de>
 
diff --git a/glibc.spec b/glibc.spec
index 5b9fdc9..619ac22 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -170,7 +170,6 @@ Source1:        https://ftp.gnu.org/pub/gnu/glibc/glibc-%{version}.tar.xz.sig
 Source2:        http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=libc&download=1#/glibc.keyring
 Source4:        manpages.tar.bz2
 Source5:        nsswitch.conf
-Source6:        sle-nsswitch.conf
 Source7:        bindresvport.blacklist
 Source9:        glibc.rpmlintrc
 Source10:       baselibs.conf
@@ -276,8 +275,6 @@ Patch10:        glibc-version.diff
 Patch13:        glibc-2.3.2.no_archive.diff
 # PATCH-FIX-OPENSUSE -- add blacklist for bindresvport
 Patch14:        glibc-bindresvport-blacklist.diff
-# PATCH-FIX-OPENSUSE prefer -lang rpm packages
-Patch15:        glibc-2.3.90-langpackdir.diff
 # PATCH-FEATURE-SLE Use nscd user for nscd
 Patch19:        nscd-server-user.patch
 # PATCH-FEATURE-SLE read nsswich.conf from /usr
@@ -302,6 +299,8 @@ Patch306:       glibc-fix-double-loopback.diff
 %if %{without snapshot}
 ###
 # Patches from upstream
+# PATCH-FIX-UPSTREAM Fix missing randomness in __gen_tempname (BZ #32214)
+Patch1000:      gen-tempname-randomness.patch
 ###
 %endif
 
@@ -920,7 +919,7 @@ install -m 644 %{SOURCE7} %{buildroot}/etc
 %if %suse_version > 1500
 install -D -m 644 %{SOURCE5} %{buildroot}%{_prefix}/etc/nsswitch.conf
 %else
-install -m 644 %{SOURCE6} %{buildroot}/etc/nsswitch.conf
+install -m 644 %{SOURCE5} %{buildroot}/etc/nsswitch.conf
 %endif
 
 %if %{build_html}
diff --git a/sle-nsswitch.conf b/sle-nsswitch.conf
deleted file mode 100644
index 7e3ba34..0000000
--- a/sle-nsswitch.conf
+++ /dev/null
@@ -1,75 +0,0 @@
-#
-# /etc/nsswitch.conf
-#
-# An example Name Service Switch config file. This file should be
-# sorted with the most-used services at the beginning.
-#
-# Valid databases are: aliases, ethers, group, gshadow, hosts,
-# initgroups, netgroup, networks, passwd, protocols, publickey,
-# rpc, services, and shadow.
-#
-# Valid service provider entries include (in alphabetical order):
-#
-#	compat			Use /etc files plus *_compat pseudo-db
-#	db			Use the pre-processed /var/db files
-#	dns			Use DNS (Domain Name Service)
-#	files			Use the local files in /etc
-#	hesiod			Use Hesiod (DNS) for user lookups
-#	nis			Use NIS (NIS version 2), also called YP
-#	nisplus			Use NIS+ (NIS version 3)
-#
-# See `info libc 'NSS Basics'` for more information.
-#
-# Commonly used alternative service providers (may need installation):
-#
-#	ldap			Use LDAP directory server
-#	myhostname		Use systemd host names
-#	mymachines		Use systemd machine names
-#	mdns*, mdns*_minimal	Use Avahi mDNS/DNS-SD
-#	resolve			Use systemd resolved resolver
-#	sss			Use System Security Services Daemon (sssd)
-#	systemd			Use systemd for dynamic user option
-#	winbind			Use Samba winbind support
-#	wins			Use Samba wins support
-#	wrapper			Use wrapper module for testing
-#
-# Notes:
-#
-# 'sssd' performs its own 'files'-based caching, so it should generally
-# come before 'files'.
-#
-# WARNING: Running nscd with a secondary caching service like sssd may
-# 	   lead to unexpected behaviour, especially with how long
-# 	   entries are cached.
-#
-# Installation instructions:
-#
-# To use 'db', install the appropriate package(s) (provide 'makedb' and
-# libnss_db.so.*), and place the 'db' in front of 'files' for entries
-# you want to be looked up first in the databases, like this:
-#
-# passwd:    db files
-# shadow:    db files
-# group:     db files
-
-passwd:		compat
-group:		compat
-shadow:		compat
-# Allow initgroups to default to the setting for group.
-# initgroups:	compat
-
-hosts:  	files dns
-networks:	files dns
-
-aliases:	files usrfiles
-ethers:		files usrfiles
-gshadow:	files usrfiles
-netgroup:	files nis
-protocols:	files usrfiles
-publickey:	files
-rpc:		files usrfiles
-services:	files usrfiles
-
-automount:	files nis
-bootparams:	files
-netmasks:	files