Log Message:
Update to ap-auth-ldap to 1.6.1; changes since 1.6.0 include:

     * Fixed security bug that could allow attacker to execute arbitrary
       commands as the apache user. [Digital Armaments, seregon at bughunter
       dot net]

     * Fixed bug that sometimes resulted in segfaults during periodic cache
       cleanup. [Stefan Gaffga]
     * Add AuthLDAPVersion option to specify which LDAP version to use on
       LDAP server. [Hans Petter Selasky]
     * Support ldaps:// urls automatically under OpenLDAP. No need to compile
       with --with-ssl; this is just to enable SSL with the Netscape SDK.
       [Andrew McAllister, Malcolm Locke]
     * Fixed bug where auth_ldap didn't always rebind as the AuthLDAPBindDN
       after doing an authorization. [Stephen Lombardo, Brent Putnam, Ace
       Suares, Ted Cabeen, others].
     * Fixed bug where we forgot to note a failed auth attempt which would
       result in the browser never giving the user a second chance to enter a
       password. [Thanks to many other people]