I dont think this can be the only option. Two very different version
of a library can still be very stable and secure and useful for
different programs. Is there any chance that this approach is being
reconsidered?
I dont think so. Every duplicated library can create duplicated work for
the Debian security work. Consider some artificial java library which
handles URLs and their content as an example. Due to a small bug in URL
handling this library allows access to system restricted files. This
library is now in 3 different versions in Debian. In a stable Debian
release the Debian security team has to fix, test, upload 3 libraries
instead of the only one we normally have in the archive. Think of a
library that is 10 or 20 times in the archive. Debian is a free-time
project. Even the security team does everything in their free-time. We
should not put more burden on them then really needed.