CVE-2017-6318: Fixed in Jessie

<https://security-tracker.debian.org/tracker/CVE-2017-6318> lists "jessie" with
"1.0.24-8+deb8u2" as "vulnerable".

According to <https://packages.debian.org/search?keywords=sane-backends&searchon=sourcenames&suite=all&section=all>
that version is indeed in Debian-Jessie, but <http://metadata.ftp-master.debian.org/changelogs/main/s/sane-backends/sane-backends_1.0.24-8+deb8u2_changelog>
mentions "debian/patches/0500-CVE-2017-6318.patch" for that version,
which is indeed contained in that version; confirmed by:

tar xfO sane-backends_1.0.24-8+deb8u2.debian.tar.xz debian/patches/0505-CVE-2017-6318.patch
tar xfO sane-backends_1.0.24-8+deb8u2.debian.tar.xz debian/patches/series

There was no DSA releases, as the issue was considered minor, but the
issue was resolved with the Debian 8.8 point release:
<https://www.debian.org/News/2017/20170506>