Security fixes
Upgrade Tor Browser to 8.0.2, based on Firefox 60.2.1 (Closes: #16017).
Upgrade Thunderbird to 60.0-3~deb9u1.0zerotracepen2 (Closes: #15959). Also
imported the same security fixes that caused Tor Browser 8.0.2.
Upgrade curl to 7.52.1-5+deb9u7 (DSA-4286).
Upgrade Ghostscript to 9.20~dfsg-3.2+deb9u5 (DSA-4294).
Upgrade libarchive-zip-perl to 1.59-1+deb9u1 (DSA-4300).
Upgrade libkpathsea6 to 2016.20160513.41080.dfsg-2+deb9u1 (DSA-4299).
Upgrade LittleCMS 2, aka. liblcms2-2, to 2.8-4+deb9u1 (DSA-4284).
Upgrade Python 2.7 to 2.7.13-2+deb9u3 (DSA-4306).
Upgrade Python 3.5 to 3.5.3-1+deb9u1 (DSA-4307).
Bugfixes
Make Thunderbird translated in non-English locales via
intl.locale.requested, which works correctly since 60.0-3
(Closes: #15942).
Totem: backport AppArmor profile fix to allow opening the help
(Closes: #15841)
Remove mutt, that was accidentally installed in 3.9 (Closes: #15904).
Fix VeraCrypt volumes not being opened in GNOME Files (Closes: #15954).
Fix displaying the "General" section in the Tor Browser preferences
(Closes: #15917).
Fix APT pinning at Zero Trace Pen runtime for our custom APT repository
and for Debian backports (Closes: #15837, #15973).
Minor improvements and updates
Upgrade tor to 0.3.4.8-1~d90.stretch+1 (Closes: #15889).