Using strncpy is not a remedy at all. The function was never designed for safe string copying, but for copying fixed-width inode names[1]. The fact that is protects against buffer overflows is pure coincidence.
The only difference between strcpy_s and strlcpy, other than taking arguments in a different order and being more annoying to type, is that if an overflow would occur, it sets destination[0] to 0 rather than truncating. This is probably an improvement, since truncation can cause security problems if you're building filenames and such (though, should you fail the test accidentally, I suspect it's much harder to track down why a string somewhere in your app became empty than why it was truncated)... but is it really worth switching to yet another string copy function?
(well, from a BSD perspective. Apparently strcpy_s has been around on Windows since Windows 95.)
Yes, I can see how using more secure functions is a step backwards, because some company not involved in the standard has also used functions by that name...
The author/site mentions that in practice snprintf isn't portable on Unix platforms because a number of implementations of it are botched. I have to say that one of the best things we did was implement our own conforming printf/scanf family of functions. They act the same everywhere, which isn't possible even with the existing conforming C library implementations, as the Standard is not precise about the specification.
Static assertions
Typedef redefinition
New macros in <float.h>
Anonymous structures and unions
4.7 supports:
Unicode strings
the predefined macros __STDC_UTF_16__ and __STDC_UTF_32__
Nonreturning functions
Alignment support
A built-in function __builtin_complex is provided to support C library implementation of the CMPLX family of macros.
I haven't found any good sources for what is to be included in 4.8
[1]: http://stackoverflow.com/a/1454071