Say [email protected]: needs [email protected]:.
We can of course add it as a conflict

conflicts('%gcc@:4.8.99', when='5.2.0:')

this, however, does not help downstream packages because they won't concretize unless you add

depends_on('suite-sparse')
depends_on('suite-sparse@:5.1.0', when='%gcc@:4.8.99')

IMO it's a wrong place to fix the problem and we should not need to do this in every downstream package.

Maybe conflicts should be somehow smarter and make concretizer choose a version before 5.2.0: in this case.

Or one can think of preferable to be dependent on compiler version (by default it's the latest stable but for older gcc take 5.1.0).