Security fixes
Upgrade Tor Browser to 7.5.2 (MFSA 2018-08 i.e. CVE-2018-5146).
Upgrade libvorbis to 1.3.5-4+deb9u2 (DSA 4140-1 aka. CVE-2018-5146).
Upgrade curl to 7.52.1-5+deb9u5 (DSA 4136-1).
Upgrade samba to 2:4.5.12+dfsg-2+deb9u2 (DSA 4135-1).
Bugfixes
Fix ISO build reproducibility (Closes: #15400)
Disable Selfrando: Tor Browser upstream currently enables it only
in non-release builds