Yes, it is a header bug. It should not define AT_SECURE to value with different meaning.
This part is now in http://sourceware.org/bugzilla/show_bug.cgi?id=15794 Petr