When I picked up the package in 2015, the upstream maintainer(s) apparently
had stopped the maintenance already. Meanwhile, there have been a few CVEs
and other fixes that have been ignored upstream. Recently, another CVE has
been assigned to an issue, and there isn't any upstream interest either.