Please merge libapache2-mod-perl2 (2.0.4-6)(main) from debian squeeze(main)

This bug was fixed in the package libapache2-mod-perl2 - 2.0.4-6ubuntu1

---------------
libapache2-mod-perl2 (2.0.4-6ubuntu1) lucid; urgency=low

  * Merge from debian testing. Remaining changes: LP: #516430
    - Change locales-all to locales. (LP: #184206)
    - Don't ignore testsuite failures on armel anymore.

libapache2-mod-perl2 (2.0.4-6) unstable; urgency=high

  [ gregor herrmann ]
  * debian/control: Changed: (build-)depend on perl instead of perl-
    modules.

  [ Dario Minnucci ]
  * docs/index_top.html: Issued patch 099-fix-url-on-index_top.patch
    to fix link URL. (Closes: #507606)

  [ Damyan Ivanov ]
  * add 100-svn-XSS-Status.patch; fixes XSS in Apache2::Status (CVE-2009-0796)
    Patch taken from r760926 of upstream SVN.
    Closes: #567635
  * .docs: drop debian/NEWS.Debian and Changes
  * -doc: depend on ${misc:Depends}
  * drop debian/NEWS (documents changes before oldstable)
 -- Bhavani Shankar <email address hidden> Wed, 03 Feb 2010 12:25:44 +0530

http://people.canonical.com/~ubuntu-security/cve/2009/CVE-2009-0796.html
Ubuntu 8.04 LTS (Hardy Heron): ignored (reached end-of-life)

I happily accept that the desktop version has reached end of life.
However the server version has support until April 2013.

The comment above says that the bug was fixed in 2.0.4 in February 2010, which was within the support period even for Hardy desktop!

What is the point of having LTS versions if you still fail to patch issues which have been fixed already in other versions within the support period!