From ${URL} : If PAM is configured to read user-specified environment variables and UseLogin=yes in sshd_config, then a hostile local user may attack /bin/login via LD_PRELOAD or similar environment variables set via PAM. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
i know it is no good place for it... but it is very slowly. we can bump automatically when need only recompile package?
This issue was resolved and addressed in GLSA 201612-18 at https://security.gentoo.org/glsa/201612-18 by GLSA coordinator Aaron Bauman (b-man).