Just to confirm that 1) this commit is identical to those now in upstream release candidates. 2) This has now been filed as #867164 (sorry that this was missing before) 3) this particular bug doesn't strictly apply to stretch/sid, but we plan to fix it in sid at least for consistency and to fix the minor remaining security bug (see #867170)
Thanks, Dominic.