The updates primarily fix a recently discovered vulnerability in the
virtualmin and sasl drivers of the password plugin (CVE-2017-8114).
More details about this vulnerability will be published soon by the
reporter. Security-wise the update is therefore only relevant for those
installations of Roundcube using the password plugin with either one of