Merge #3859

3859: Update Dockerfile to contain latest roundcube version (backport #3851) r=mergify[bot] a=mergify[bot]

Due to security update, see [this link](https://github.com/roundcube/roundcubemail/releases/tag/1.6.11) for further details

## What type of PR?

Security update

## What does this PR do?

Updates roundcube to the latest version

## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.

- [X] In case of feature or enhancement: documentation updated accordingly
- [X] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
<hr>This is an automatic backport of pull request #3851 done by [Mergify](https://mergify.com).

Co-authored-by: ctrl-i <1422608+ctrl-i@users.noreply.github.com>
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>

towncrier/newsfragments/3851.misc

@@ -0,0 +1 @@
+Upgrade roundcube to 1.6.11. For the record, Mailu is not vulnerable to CVE-2025-49113, thanks to Snuffleupagus (see https://snuffleupagus.readthedocs.io/config.html#unserialize-noclass)

webmails/Dockerfile

@@ -28,7 +28,7 @@ RUN set -euxo pipefail \
   ; mkdir -p /run/nginx /conf
 
 # roundcube
-ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.10/roundcubemail-1.6.10-complete.tar.gz
+ENV ROUNDCUBE_URL https://github.com/roundcube/roundcubemail/releases/download/1.6.11/roundcubemail-1.6.11-complete.tar.gz
 ENV CARDDAV_URL https://github.com/mstilkerich/rcmcarddav/releases/download/v5.1.0/carddav-v5.1.0.tar.gz
 
 RUN set -euxo pipefail \