Hi Emilio, > I would also consider removing it from stable, as I think the security > team cannot support it.
The security team for stable often supports versions that are upstream abandoned. The question is whether such a thing is feasible for a package. In this case I see just one open security issue in the tracker, for which a patch is available. I therefore see no immediate need to remove the package from stable. We should be conservative with removing things from stable, because upon release we made the "promise" to (security) support stable until one year after a new release comes out and people should be able to count on that as much as reasonably possible. Thijs
