libmcrypt is a dead cow. Dead upstream (last change in upstream CVS is 7 years old).

See PHP internals discussion about php-mcrypt, but relying on such a critical (security) API which is unmaintained seems a bad idea.

Lot of other projects start to switch to openssl extension (phpMyAdmin, Roundcubemail, ...) and keep mcrypt as a fallback solution.