diff -Nru vim-syntastic-3.7.0/debian/changelog vim-syntastic-3.7.0/debian/changelog
--- vim-syntastic-3.7.0/debian/changelog	2016-02-12 21:27:31.000000000 +0000
+++ vim-syntastic-3.7.0/debian/changelog	2018-08-10 00:43:56.000000000 +0000
@@ -1,3 +1,21 @@
+vim-syntastic (3.7.0-1+deb9u2build0.16.04.1) xenial-security; urgency=medium
+
+  * fake sync from Debian
+
+ -- Alex Murray <alex.murray@canonical.com>  Fri, 10 Aug 2018 10:13:56 +0930
+
+vim-syntastic (3.7.0-1+deb9u2) stretch-security; urgency=high
+
+  * Added missing functions to util.vim
+
+ -- Andrea Capriotti <capriott@debian.org>  Thu, 02 Aug 2018 09:21:49 +0000
+
+vim-syntastic (3.7.0-1+deb9u1) stretch-security; urgency=high
+
+  * CVE-2018-11319 stretch backport
+
+ -- Andrea Capriotti <capriott@debian.org>  Tue, 31 Jul 2018 16:05:57 +0000
+
 vim-syntastic (3.7.0-1) unstable; urgency=medium
 
   * New upstream release
diff -Nru vim-syntastic-3.7.0/debian/patches/CVE-2018-11319.diff vim-syntastic-3.7.0/debian/patches/CVE-2018-11319.diff
--- vim-syntastic-3.7.0/debian/patches/CVE-2018-11319.diff	1970-01-01 00:00:00.000000000 +0000
+++ vim-syntastic-3.7.0/debian/patches/CVE-2018-11319.diff	2018-08-02 09:20:42.000000000 +0000
@@ -0,0 +1,301 @@
+Index: vim-syntastic-3.7.0/autoload/syntastic/c.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/autoload/syntastic/c.vim
++++ vim-syntastic-3.7.0/autoload/syntastic/c.vim
+@@ -228,7 +228,7 @@ function! s:_get_cflags(ft, ck, opts) ab
+     endif
+ 
+     " add optional config file parameters
+-    let config_file = s:_get_checker_var('g', a:ft, a:ck, 'config_file', '.syntastic_' . a:ft . '_config')
++    let config_file = s:_get_checker_var('b', a:ft, a:ck, 'config_file', s:_get_checker_var('g', a:ft, a:ck, 'config_file', ''))
+     let flags .= ' ' . syntastic#c#ReadConfig(config_file)
+ 
+     if b_cflags ==# '' && (a:ft ==# 'c' || a:ft ==# 'cpp') && !s:_get_checker_var('g', a:ft, a:ck, 'no_include_search', 0)
+Index: vim-syntastic-3.7.0/syntax_checkers/c/avrgcc.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/avrgcc.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/avrgcc.vim
+@@ -15,16 +15,14 @@ if exists('g:loaded_syntastic_c_avrgcc_c
+ endif
+ let g:loaded_syntastic_c_avrgcc_checker = 1
+ 
+-if !exists('g:syntastic_avrgcc_config_file')
+-    let g:syntastic_avrgcc_config_file = '.syntastic_avrgcc_config'
+-endif
+-
+ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_avrgcc_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+-        \ 'args_before': syntastic#c#ReadConfig(g:syntastic_avrgcc_config_file),
++        \ 'args_before': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'avrgcc_config_file')),
+         \ 'args_after': '-x c -fsyntax-only' })
+ 
+     let errorformat =
+Index: vim-syntastic-3.7.0/syntax_checkers/c/clang_check.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/clang_check.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/clang_check.vim
+@@ -14,10 +14,6 @@ if exists('g:loaded_syntastic_c_clang_ch
+ endif
+ let g:loaded_syntastic_c_clang_check_checker = 1
+ 
+-if !exists('g:syntastic_clang_check_config_file')
+-    let g:syntastic_clang_check_config_file = '.syntastic_clang_check_config'
+-endif
+-
+ if !exists('g:syntastic_c_clang_check_sort')
+     let g:syntastic_c_clang_check_sort = 1
+ endif
+@@ -26,10 +22,12 @@ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_clang_check_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+         \ 'post_args':
+         \   '-- ' .
+-        \   syntastic#c#ReadConfig(g:syntastic_clang_check_config_file) . ' ' .
++        \   syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'clang_check_config_file')) . ' ' .
+         \   '-fshow-column ' .
+         \   '-fshow-source-location ' .
+         \   '-fno-caret-diagnostics ' .
+Index: vim-syntastic-3.7.0/syntax_checkers/c/clang_tidy.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/clang_tidy.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/clang_tidy.vim
+@@ -14,10 +14,6 @@ if exists('g:loaded_syntastic_c_clang_ti
+ endif
+ let g:loaded_syntastic_c_clang_tidy_checker = 1
+ 
+-if !exists('g:syntastic_clang_tidy_config_file')
+-    let g:syntastic_clang_tidy_config_file = '.syntastic_clang_tidy_config'
+-endif
+-
+ if !exists('g:syntastic_c_clang_tidy_sort')
+     let g:syntastic_c_clang_tidy_sort = 1
+ endif
+@@ -26,10 +22,12 @@ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_clang_tidy_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+         \ 'post_args':
+         \   '-- ' .
+-        \   syntastic#c#ReadConfig(g:syntastic_clang_tidy_config_file) . ' ' .
++        \   syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'clang_tidy_config_file')) . ' ' .
+         \   '-fshow-column ' .
+         \   '-fshow-source-location ' .
+         \   '-fno-caret-diagnostics ' .
+Index: vim-syntastic-3.7.0/syntax_checkers/c/cppcheck.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/cppcheck.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/cppcheck.vim
+@@ -14,16 +14,14 @@ if exists('g:loaded_syntastic_c_cppcheck
+ endif
+ let g:loaded_syntastic_c_cppcheck_checker = 1
+ 
+-if !exists('g:syntastic_cppcheck_config_file')
+-    let g:syntastic_cppcheck_config_file = '.syntastic_cppcheck_config'
+-endif
+-
+ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_cppcheck_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+-        \ 'args': syntastic#c#ReadConfig(g:syntastic_cppcheck_config_file),
++        \ 'args': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'cppcheck_config_file')),
+         \ 'args_after': '-q --enable=style' })
+ 
+     let errorformat =
+Index: vim-syntastic-3.7.0/syntax_checkers/c/oclint.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/oclint.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/oclint.vim
+@@ -14,10 +14,6 @@ if exists('g:loaded_syntastic_c_oclint_c
+ endif
+ let g:loaded_syntastic_c_oclint_checker = 1
+ 
+-if !exists('g:syntastic_oclint_config_file')
+-    let g:syntastic_oclint_config_file = '.syntastic_oclint_config'
+-endif
+-
+ if !exists('g:syntastic_c_oclint_sort')
+     let g:syntastic_c_oclint_sort = 1
+ endif
+@@ -26,8 +22,10 @@ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_oclint_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+-        \ 'post_args': '-- -c ' . syntastic#c#ReadConfig(g:syntastic_oclint_config_file) })
++        \ 'post_args': '-- -c ' . syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'oclint_config_file') })
+ 
+     let errorformat =
+         \ '%E%f:%l:%c: fatal error: %m,' .
+Index: vim-syntastic-3.7.0/syntax_checkers/c/pc_lint.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/pc_lint.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/pc_lint.vim
+@@ -18,12 +18,9 @@ let g:loaded_syntastic_c_pc_lint_checker
+ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+-if !exists('g:syntastic_pc_lint_config_file')
+-    let g:syntastic_pc_lint_config_file = 'options.lnt'
+-endif
+-
+ function! SyntaxCheckers_c_pc_lint_GetLocList() dict
+-    let config = syntastic#util#findFileInParent(g:syntastic_pc_lint_config_file, expand('%:p:h', 1))
++    let buf = bufnr('')
++    let config = syntastic#util#findFileInParent(syntastic#util#bufVar(buf, 'pc_lint_config_file'), fnamemodify(bufname(buf), ':p:h'))
+     call self.log('config =', config)
+ 
+     " -hFs1         - show filename, add space after messages, try to make message 1 line
+Index: vim-syntastic-3.7.0/syntax_checkers/c/sparse.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/sparse.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/sparse.vim
+@@ -14,16 +14,14 @@ if exists('g:loaded_syntastic_c_sparse_c
+ endif
+ let g:loaded_syntastic_c_sparse_checker = 1
+ 
+-if !exists('g:syntastic_sparse_config_file')
+-    let g:syntastic_sparse_config_file = '.syntastic_sparse_config'
+-endif
+-
+ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_sparse_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+-        \ 'args': syntastic#c#ReadConfig(g:syntastic_sparse_config_file),
++        \ 'args': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'sparse_config_file')),
+         \ 'args_after': '-ftabstop=' . &ts })
+ 
+     let errorformat =
+Index: vim-syntastic-3.7.0/syntax_checkers/c/splint.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/c/splint.vim
++++ vim-syntastic-3.7.0/syntax_checkers/c/splint.vim
+@@ -14,16 +14,14 @@ if exists('g:loaded_syntastic_c_splint_c
+ endif
+ let g:loaded_syntastic_c_splint_checker = 1
+ 
+-if !exists('g:syntastic_splint_config_file')
+-    let g:syntastic_splint_config_file = '.syntastic_splint_config'
+-endif
+-
+ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_c_splint_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+-        \ 'args': syntastic#c#ReadConfig(g:syntastic_splint_config_file),
++        \ 'args': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'splint_config_file')),
+         \ 'args_after': '-showfunc -hints +quiet' })
+ 
+     let errorformat =
+Index: vim-syntastic-3.7.0/syntax_checkers/cpp/verapp.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/syntax_checkers/cpp/verapp.vim
++++ vim-syntastic-3.7.0/syntax_checkers/cpp/verapp.vim
+@@ -16,16 +16,14 @@ if exists('g:loaded_syntastic_cpp_verapp
+ endif
+ let g:loaded_syntastic_cpp_verapp_checker = 1
+ 
+-if !exists('g:syntastic_verapp_config_file')
+-    let g:syntastic_verapp_config_file = '.syntastic_verapp_config'
+-endif
+-
+ let s:save_cpo = &cpo
+ set cpo&vim
+ 
+ function! SyntaxCheckers_cpp_verapp_GetLocList() dict
++    let buf = bufnr('')
++
+     let makeprg = self.makeprgBuild({
+-        \ 'args': syntastic#c#ReadConfig(g:syntastic_verapp_config_file),
++        \ 'args': syntastic#c#ReadConfig(syntastic#util#bufVar(buf, 'verapp_config_file')),
+         \ 'args_after': '--show-rule --no-duplicate -S -c -' })
+ 
+     let errorformat = '%f:%t:%l:%c:%m'
+Index: vim-syntastic-3.7.0/autoload/syntastic/util.vim
+===================================================================
+--- vim-syntastic-3.7.0.orig/autoload/syntastic/util.vim
++++ vim-syntastic-3.7.0/autoload/syntastic/util.vim
+@@ -107,6 +107,10 @@ function! syntastic#util#rmrf(what) abor
+     endif
+ endfunction " }}}2
+ 
++function! syntastic#util#getbufvar(buf, name, ...) abort " {{{2
++    return a:0 ? s:_getbufvar(a:buf, a:name, a:1) : getbufvar(a:buf, a:name)
++endfunction " }}}2
++
+ " Search the first 5 lines of the file for a magic number and return a map
+ " containing the args and the executable
+ "
+@@ -131,12 +135,24 @@ function! syntastic#util#parseShebang()
+     return { 'exe': '', 'args': [] }
+ endfunction " }}}2
+ 
+-" Get the value of a variable.  Allow local variables to override global ones.
++" Get the value of a Vim variable.  Allow buffer variables to override global ones.
++function! syntastic#util#bufRawVar(buf, name, ...) abort " {{{2
++    return s:_getbufvar(a:buf, a:name, get(g:, a:name, a:0 ? a:1 : ''))
++endfunction "}}}2
++
++" Get the value of a syntastic variable.  Allow buffer variables to override global ones.
++function! syntastic#util#bufVar(buf, name, ...) abort " {{{2
++    return call('syntastic#util#bufRawVar', [a:buf, 'syntastic_' . a:name] + a:000)
++endfunction "}}}2
++
++" Get the value of a Vim variable.  Allow local variables to override global ones.
++function! syntastic#util#rawVar(name, ...) abort " {{{2
++    return get(b:, a:name, get(g:, a:name, a:0 ? a:1 : ''))
++endfunction " }}}2
++
++" Get the value of a syntastic variable.  Allow local variables to override global ones.
+ function! syntastic#util#var(name, ...) abort " {{{2
+-    return
+-        \ exists('b:syntastic_' . a:name) ? b:syntastic_{a:name} :
+-        \ exists('g:syntastic_' . a:name) ? g:syntastic_{a:name} :
+-        \ a:0 > 0 ? a:1 : ''
++    return call('syntastic#util#rawVar', ['syntastic_' . a:name] + a:000)
+ endfunction " }}}2
+ 
+ " Parse a version string.  Return an array of version components.
+@@ -486,6 +502,18 @@ function! s:_float2str_smart(val) abort
+     return printf('%.1f', a:val)
+ endfunction " }}}2
+ 
++function! s:_getbufvar_dumb(buf, name, ...) abort " {{{2
++    let ret = getbufvar(a:buf, a:name)
++    if a:0 && type(ret) == type('') && ret ==# ''
++        unlet! ret
++        let ret = a:1
++    endif
++    return ret
++endfunction "}}}2
++
++let s:_getbufvar = function(v:version > 703 || (v:version == 703 && has('patch831')) ? 'getbufvar' : 's:_getbufvar_dumb')
++lockvar s:_getbufvar
++
+ function! s:_float2str_dumb(val) abort " {{{2
+     return a:val
+ endfunction " }}}2
diff -Nru vim-syntastic-3.7.0/debian/patches/series vim-syntastic-3.7.0/debian/patches/series
--- vim-syntastic-3.7.0/debian/patches/series	1970-01-01 00:00:00.000000000 +0000
+++ vim-syntastic-3.7.0/debian/patches/series	2018-07-31 15:16:40.000000000 +0000
@@ -0,0 +1 @@
+CVE-2018-11319.diff