Only the latest release will be fully supported regarding security updates.
Apache Groovy follows the Apache general guidelines for handling security vulnerabilities.