The PAM SRPM uses a pam-redhat tarball. This is in direct conflict the RPM philosophy of "pristine" source with patches seperated. The result is that the source used is a mess and makes upgrading to newer versions of PAM quite difficult (I need to upgrade to a CVS version of pam so I can use pam_unix as non root to authenticate users other than the caller)
This should be at least partially addressed in 0.75-16, with better fixes after that. Thanks!