CVE-2017-12424
	[stretch] - shadow 1:4.4-4.1+deb9u1
CVE-2015-9261 [busybox: pointer misuse unziping files]
	[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2016-2148
	[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2016-2147
	[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2011-5325
	[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2017-15873
	[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2017-16544
	[stretch] - busybox 1:1.22.0-19+deb9u1
CVE-2017-17840
	[stretch] - open-iscsi 2.0.874-3~deb9u2
CVE-2018-16336
	[stretch] - exiv2 0.25-3.1+deb9u2
CVE-2019-8907
	[stretch] - file 1:5.30-1+deb9u3
CVE-2019-8905
	[stretch] - file 1:5.30-1+deb9u3
CVE-2018-3774
	[stretch] - node-url-parse 1.0.5-2+deb9u1
CVE-2019-14267
	[stretch] - pdfresurrect 0.12-6+deb9u1
CVE-2019-11187
	[stretch] - gosa 2.7.4+reloaded2-13+deb9u2
CVE-2018-7260
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2018-19968
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2018-19970
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2019-6799
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2019-6798
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2019-11768
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2019-12616
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2020-5504
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2020-10802
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2020-10803
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2020-10804
	[stretch] - phpmyadmin 4:4.6.6-4+deb9u1
CVE-2019-20372
	[stretch] - nginx 1.10.3-1+deb9u4
CVE-2016-10894
	[stretch] - xtrlock 2.8+deb9u1
CVE-2019-16275
	[stretch] - wpa 2:2.4-1+deb9u5
CVE-2020-3123
        [stretch] - clamav 0.102.2+dfsg-0~deb9u1
CVE-2020-8130
	[stretch] - rake 10.5.0-2+deb9u1
CVE-2017-5715
	[stretch] - amd64-microcode 3.20181128.1~deb9u1
CVE-2020-5267
	[stretch] - rails 2:4.2.7.1-1+deb9u2
CVE-2019-9658
	[stretch] - checkstyle 6.15-1+deb9u1
CVE-2019-15522
	[stretch] - csync2 2.0-8-g175a01c-4+deb9u1
CVE-2017-11747
	[stretch] - tinyproxy 1.8.4-3~deb9u2
CVE-2019-15690
	[stretch] - libvncserver 0.9.11+dfsg-1.3~deb9u4