The stretch 9.13 point release brings a number of bugfixes (including some security fixes):
https://lists.debian.org/debian-announce/2020/msg00004.html
Use this ticket to track the respective updates across the cluster. I've verified that all removed packages are not in use in our infrastructure.
[] bacula
[x] base-files
[x] batik
[] ca-certificates
[x] clamav
[x] cups
[] dbus
[x] erlang
[x] exiv2
[] glib-networking
[] gnutls28
[] intel-microcode
[x] jackson-databind
[x] libbusiness-hours-perl
[x] libdbi
[x] libexif
[] linux
[] linux-latest
[] mariadb-10.1
[] nfs-utils
[x] nginx
[x] perl
[x] rails
[] rake
[] ruby-json
[x] ruby2.3
[x] tzdata
[] websockify
[] xdg-utils
These are unused by us:
[x] acmetool
[x] atril
[x] c-icap-modules
[x] chasquid
[x] checkstyle
[x] compactheader
[x] cram
[x] csync2
[x] debian-security-support
[x] fex
[x] file-roller
[x] fwupd
[x] gosa
[x] heartbleeder
[x] iptables-persistent
[x] libclamunrar
[x] libembperl-perl
[x] libvncserver
[x] megatools
[x] mod-gnutls
[x] mongo-tools
[x] neon27
[x] node-url-parse
[x] nvidia-graphics-drivers
[x] pcl
[x] php-horde
[x] php-horde-data
[x] php-horde-form
[x] php-horde-gollem
[x] php-horde-trean
[x] phpmyadmin
[x] postfix
[x] proftpd-dfsg
[x] python-icalendar
[x] roundcube
[x] sendmail
[x] sogo-connector
[x] ssvnc
[x] storebackup
[x] swt-gtk
[x] tinyproxy
[x] wpa
[x] xml-security-c
[x] xtrlock
These are only used by the installer, which was rebuilt locally:
[x] debian-installer
[x] debian-installer-netboot-images