After earlier reporting on Heise was that there is again to a bigger exploit in WordPress, but I wanted to finally upgrade. So far so good. Also ran pretty smoothly. Then I realized, however, that the server is running in the wrong time zone and wanted to correct "just".
The end of history was that I had no access to the mail server because the file was with the password data is well shot anyway. After a simple trial and error helped bissl

saslpasswd2 $ user

and then type the new password twice.
At least I did after the stress is now a new WP