Gentoo Linux Security Advisory GLSA 200612-19 - Steve Rigler discovered that pam_ldap does not correctly handle PasswordPolicyResponse control responses from an LDAP directory. This causes the pam_authenticate() function to always succeed, even if the previous authentication failed. Versions less than 183 are affected.
e64895cba6cea263dea3c75b42533b05a9f6df284ba411224f20bcd3856675f7