Updated webmin package fixes security vulnerability:
Webmin before 1.930 allows remote exploits if the option to change expired passwords is enabled (CVE-2019-15107).
Note that it is only vulnerable if changing of expired passwords is enabled, which is not the case by default.