Log Message:
Update roundcube to 1.1.2.  It includes security fix.

RELEASE 1.1.2
-------------
- Add new plugin hook 'identity_create_after' providing the ID of the inserted \ 
identity (#1490358)
- Add option to place signature at bottom of the quoted text even in top-posting \ 
mode [sig_below]
- Fix handling of %-encoded entities in mailto: URLs (#1490346)
- Fix zipped messages downloads after selecting all messages in a folder (#1490339)
- Fix vpopmaild driver of password plugin
- Fix PHP warning: Non-static method PEAR::setErrorHandling() should not be \ 
called statically (#1490343)
- Fix tables listing routine on mysql and postgres so it skips system or other \ 
database tables and views (#1490337)
- Fix message list header in classic skin on window resize in Internet Explorer \ 
(#1490213)
- Fix so text/calendar parts are listed as attachments even if not marked as \ 
such (#1490325)
- Fix lack of signature separator for plain text signatures in html mode (#1490352)
- Fix font artifact in Google Chrome on Windows (#1490353)
- Fix bug where forced extwin page reload could exit from the extwin mode (#1490350)
- Fix bug where some unrelated attachments in multipart/related message were not \ 
listed (#1490355)
- Fix mouseup event handling when dragging a list record (#1490359)
- Fix bug where preview_pane setting wasn't always saved into user preferences \ 
(#1490362)
- Fix bug where messages count was not updated after message move/delete with \ 
skip_deleted=false (#1490372)
- Fix security issue in contact photo handling (#1490379)
- Fix possible memcache/apc cache data consistency issues (#1490390)
- Fix bug where imap_conn_options were ignored in IMAP connection test (#1490392)
- Fix bug where some files could have "executable" extension when \ 
stored in temp folder (#1490377)
- Fix attached file path unsetting in database_attachments plugin (#1490393)
- Fix issues when using moduserprefs.sh without --user argument (#1490399)
- Fix potential info disclosure issue by protecting directory access (#1490378)
- Fix blank image in html_signature when saving identity changes (#1490412)
- Installer: Use openssl_random_pseudo_bytes() (if available) to generate \ 
des_key (#1490402)
- Fix XSS vulnerability in _mbox argument handling (#1490417)