Hello! I don't have any particular plans. I'll keep updating the package for as long as upstream provides updates. For 10.1 the updates are indeed officially over now: https://mariadb.org/about/#maintenance-policy
What options do we have anyway? Does the LTS team think they should be responsible for providing security updates beyond what upstreams do? Or are you thinking about providing backports? During the 10.5 packaging cycle I have tested building backports for every commit (see e.g. https://salsa.debian.org/mariadb-team/mariadb-10.5/-/pipelines/191851). The galera-4 dependency is already available in stretch-backports-sloppy. If you are interested in backports, that could be a viable option. To decrease the risk of similar situations in the future (or decrease the time window for it), I am now putting all my effort into having 10.5 in Bullseye so that the official support period is as long as possible by using the latest possible upstream version. - Otto
