diff -Nru tre-0.8.0/debian/changelog tre-0.8.0/debian/changelog
--- tre-0.8.0/debian/changelog	2014-04-29 22:38:40.000000000 +0000
+++ tre-0.8.0/debian/changelog	2018-11-06 19:35:33.000000000 +0000
@@ -1,3 +1,18 @@
+tre (0.8.0-4+deb8u1build0.16.04.1) xenial-security; urgency=medium
+
+  * fake sync from Debian
+
+ -- Mike Salvatore <mike.salvatore@canonical.com>  Tue, 06 Nov 2018 14:35:33 -0500
+
+tre (0.8.0-4+deb8u1) jessie; urgency=medium
+
+  * Add debian/patches/03-cve-2016-8859 to fix CVE-2016-8859.
+    Patch borrowed from wheezy LTS. Closes: #842169.
+  * Add locales-all to Build-Depends, required to run the test suite.
+  * Add debian/clean with files generated/modified during the build.
+
+ -- Santiago Vila <sanvila@debian.org>  Mon, 28 Nov 2016 00:31:36 +0100
+
 tre (0.8.0-4) unstable; urgency=medium
 
   * I'm having a déjà vu.
diff -Nru tre-0.8.0/debian/clean tre-0.8.0/debian/clean
--- tre-0.8.0/debian/clean	1970-01-01 00:00:00.000000000 +0000
+++ tre-0.8.0/debian/clean	2016-11-27 22:00:00.000000000 +0000
@@ -0,0 +1,4 @@
+tests/agrep/basic.in
+tests/agrep/delimiters.in
+tests/agrep/exitstatus.in
+tests/agrep/records.in
diff -Nru tre-0.8.0/debian/control tre-0.8.0/debian/control
--- tre-0.8.0/debian/control	2014-04-29 10:00:00.000000000 +0000
+++ tre-0.8.0/debian/control	2016-11-27 22:00:00.000000000 +0000
@@ -4,7 +4,7 @@
 Maintainer: Santiago Vila <sanvila@debian.org>
 Uploaders: Milan Zamazal <pdm@debian.org>
 Standards-Version: 3.9.5
-Build-Depends: gettext (>= 0.18.1.1-8), debhelper (>= 9)
+Build-Depends: gettext (>= 0.18.1.1-8), debhelper (>= 9), locales-all
 
 Package: libtre5
 Architecture: any
diff -Nru tre-0.8.0/debian/patches/03-cve-2016-8859 tre-0.8.0/debian/patches/03-cve-2016-8859
--- tre-0.8.0/debian/patches/03-cve-2016-8859	1970-01-01 00:00:00.000000000 +0000
+++ tre-0.8.0/debian/patches/03-cve-2016-8859	2016-11-27 22:03:00.000000000 +0000
@@ -0,0 +1,73 @@
+From c3edc06d1e1360f3570db9155d6b318ae0d0f0f7 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Thu, 6 Oct 2016 18:34:58 -0400
+Subject: fix missing integer overflow checks in regexec buffer size
+ computations
+
+most of the possible overflows were already ruled out in practice by
+regcomp having already succeeded performing larger allocations.
+however at least the num_states*num_tags multiplication can clearly
+overflow in practice. for safety, check them all, and use the proper
+type, size_t, rather than int.
+
+also improve comments, use calloc in place of malloc+memset, and
+remove bogus casts.
+---
+ src/regex/regexec.c | 23 ++++++++++++++++++-----
+ 1 file changed, 18 insertions(+), 5 deletions(-)
+
+Note: patch was modified to apply to tre, parts were taken from
+https://github.com/laurikari/tre/issues/37
+
+--- a/lib/tre-match-parallel.c
++++ b/lib/tre-match-parallel.c
+@@ -59,6 +59,7 @@
+ #ifdef HAVE_MALLOC_H
+ #include <malloc.h>
+ #endif /* HAVE_MALLOC_H */
++#include <stdint.h>
+ 
+ #include "tre-internal.h"
+ #include "tre-match-utils.h"
+@@ -150,11 +151,24 @@
+ 
+   /* Allocate memory for temporary data required for matching.	This needs to
+      be done for every matching operation to be thread safe.  This allocates
+-     everything in a single large block from the stack frame using alloca()
+-     or with malloc() if alloca is unavailable. */
++     everything in a single large block with calloc(). */
+   {
+-    int tbytes, rbytes, pbytes, xbytes, total_bytes;
++    size_t tbytes, rbytes, pbytes, xbytes, total_bytes;
+     char *tmp_buf;
++
++    /* Ensure that tbytes and xbytes*num_states cannot overflow, and that
++     * they don't contribute more than 1/8 of SIZE_MAX to total_bytes. */
++    if (num_tags > SIZE_MAX/(8 * sizeof(int) * tnfa->num_states))
++      return REG_BADPAT;
++
++    /* Likewise check rbytes. */
++    if (tnfa->num_states+1 > SIZE_MAX/(8 * sizeof(*reach_next)))
++      return REG_BADPAT;
++
++    /* Likewise check pbytes. */
++    if (tnfa->num_states > SIZE_MAX/(8 * sizeof(*reach_pos)))
++      return REG_BADPAT;
++
+     /* Compute the length of the block we need. */
+     tbytes = sizeof(*tmp_tags) * num_tags;
+     rbytes = sizeof(*reach_next) * (tnfa->num_states + 1);
+@@ -168,11 +182,11 @@
+ #ifdef TRE_USE_ALLOCA
+     buf = alloca(total_bytes);
+ #else /* !TRE_USE_ALLOCA */
+-    buf = xmalloc((unsigned)total_bytes);
++    buf = xmalloc(total_bytes);
+ #endif /* !TRE_USE_ALLOCA */
+     if (buf == NULL)
+       return REG_ESPACE;
+-    memset(buf, 0, (size_t)total_bytes);
++    memset(buf, 0, total_bytes);
+ 
+     /* Get the various pointers within tmp_buf (properly aligned). */
+     tmp_tags = (void *)buf;
diff -Nru tre-0.8.0/debian/patches/series tre-0.8.0/debian/patches/series
--- tre-0.8.0/debian/patches/series	2014-04-29 10:00:00.000000000 +0000
+++ tre-0.8.0/debian/patches/series	2016-11-27 22:00:00.000000000 +0000
@@ -1,3 +1,4 @@
 01-agrep-is-called-tre-agrep-here
 02-added-de-po-translation
+03-cve-2016-8859
 99-autoreconf
diff -Nru tre-0.8.0/debian/rules tre-0.8.0/debian/rules
--- tre-0.8.0/debian/rules	2014-04-29 10:00:00.000000000 +0000
+++ tre-0.8.0/debian/rules	2016-11-27 22:00:00.000000000 +0000
@@ -6,8 +6,6 @@
 	dh_clean
 	cd po && rm -f *.gmo
 
-override_dh_auto_test:
-
 override_dh_auto_configure:
 	touch -d "2014-04-29 12:00" `cat debian/modified-files.txt`
 	dh_auto_configure -- --enable-static