Import Debian changes 2.5.3-3+deb8u1

jython (2.5.3-3+deb8u1) jessie-security; urgency=high

  * Team upload.
  * Fix CVE-2016-4000: (Closes: #864859)
    Unsafe deserialization may lead to arbitrary code execution.