Source: libsass Severity: serious None of the security bugs filed in the BTS has seen any maintainer followup (dating back to 2017 in some cases), and that's just the tip of the iceberg, the security tracker lists many more.
Unless someone steps forward and commits to properly maintain it during the
lifetime of a stable release, let's not include it in buster.
Cheers,
Moritz
