>> Agreed. However, moving them to a separate page and put a prominent
>> note saying "security advisories for no-longer supported releases are
>> archived here" or something like that seems like a reasonable
>> compromise.
>
> Sure, that'd be fine.
Suggested text:
"Security advisories below cover only currently supported versions. For
security advisories which specifically affect versions no longer
supported by the community, see the list here<link>. Please note that
obsolete versions are certainly affected by some of the security issues
below but there are no updates available for them. For more information
about the community support term, see <link>"
And on the archive page itself (support/security_archive.html?)
"Below are security advisories which only affect older versions of
PostgreSQL which are no longer supported by the community. Note that
these releases are also affected by some of the security advisories on
the current security advisories page<link> but are not patched. For
more information about the community support term, see <link>"
-- -- Josh Berkus PostgreSQL Experts Inc.
http://www.pgexperts.com