Upgrade PHPMailer to >= 5.2.20 to address CVE-2016-10045

PGA uses PHPMailer version 5.2.13. Looks like a new release, 5.2.20, fixes the security exploit mentioned in this security bulletin.