The issue is caused by a mismatch between the OpenSSL headers libpam-mysql was built against, and the latest libraries in libssl0.9.8. I would expect a rebuild of libpam-mysql to fix this issue.
My auth.log shows the gory details: Feb 28 15:58:19 server saslauthd[28254]: PAM unable to dlopen(/lib/security/pam_mysql.so): /usr/lib/libssl.so.0.9.8: symbol CRYPTO_memcmp, version OPENSSL_0.9.8 not defined in file libcrypto.so.0.9.8 with link time reference -- Bert Driehuis Dihydrogen Monoxide kills! Join the campaign at http://www.dhmo.org/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org