On Mon, Jan 26, 2015 at 7:58 AM, Bálint Réczey wrote: > I have added the changes in git  and I plan uploading the fix this week. > I will check the outstanding security issues for easily fixable ones > and include the fixes in the same upload.
I went ahead with an nmu since it's been a few weeks without an upload. Best wishes, Mike
diff -Nru libv8-3.14-220.127.116.11/debian/changelog libv8-3.14-18.104.22.168/debian/changelog --- libv8-3.14-22.214.171.124/debian/changelog 2014-05-06 19:35:22.000000000 +0000 +++ libv8-3.14-126.96.36.199/debian/changelog 2015-02-13 06:02:28.000000000 +0000 @@ -1,3 +1,11 @@ +libv8-3.14 (188.8.131.52-8.1) unstable; urgency=medium + + * Non-maintainer upload. + * Add README.Debian.security documenting the lack of security support for + this package for jessie (closes: #775715). + + -- Michael Gilbert <mgilb...@debian.org> Fri, 13 Feb 2015 05:59:08 +0000 + libv8-3.14 (184.108.40.206-8) unstable; urgency=medium * Add 0004_hurd.patch, add Architecture: hurd-i386. diff -Nru libv8-3.14-220.127.116.11/debian/libv8-3.14.5.docs libv8-3.14-18.104.22.168/debian/libv8-3.14.5.docs --- libv8-3.14-22.214.171.124/debian/libv8-3.14.5.docs 1970-01-01 00:00:00.000000000 +0000 +++ libv8-3.14-126.96.36.199/debian/libv8-3.14.5.docs 2015-02-13 05:58:55.000000000 +0000 @@ -0,0 +1 @@ +debian/README.Debian.security diff -Nru libv8-3.14-188.8.131.52/debian/README.Debian.security libv8-3.14-184.108.40.206/debian/README.Debian.security --- libv8-3.14-220.127.116.11/debian/README.Debian.security 1970-01-01 00:00:00.000000000 +0000 +++ libv8-3.14-18.104.22.168/debian/README.Debian.security 2015-02-13 05:58:55.000000000 +0000 @@ -0,0 +1,17 @@ +The security team has decided that this package will not receive +security support for Jessie which makes the package suitable only +for trusted content. + +The decision has been made due to the amount of already outstanding +known vulnerabilities  and the maintainer team's forecasted lack of +manpower to deal with new and existing security problems. + +Providing security support for the package is not impossible but +requires people who can back-port and review security related fixes +from upstream's source code repository. If you would like to see full +security support for libv8  in Jessie+1, please consider joining the +maintainer team or help them in other ways. + + + https://security-tracker.debian.org/tracker/source-package/libv8 + https://packages.qa.debian.org/libv/libv8-3.14.html \ No newline at end of file