Document pgbouncer failed auth_query lookups falling back to auth_user

Note the vulnerable version was not committed to ports, however document
the issue in the interest of being thorough and catching any user who
made this as a local change.

PR: 202957
Security: CVE-2015-6817
Security: d76961da-56f6-11e5-934b-002590263bf5
Approved by: feld (mentor)