Back in April, I upstreamed (that is, reported a bug to Debian) regarding the `nginx-naxsi` packages. The initial bug I upstreamed was about the outdated naxsi version in the naxsi packages. (see this bug in Ubuntu and the related bug in Debian)
The last update on the Debian bug is on September 10, 2014. That update says the following, and was made by Christos Trochalakis:
After discussing it with the fellow maintainers we have decided that it is
better to remove the nginx-naxsi package before jessie is freezed.
Packaging naxsi is not trivial and, unfortunately, none of the maintainers uses
it. That’s the reason nginx-naxsi is not in a good shape and we are not feeling
comfortable to release and support it.
We are sorry for any inconvenience caused.
I asked what the expected timeline was for the packages being dropped. In a response from Christos today, September 15, 2014, it was said:
It ‘ll get merged and released (1.6.1-3) by the end of the month.
In Ubuntu, these changes will likely not make it into 14.10, but future versions of Ubuntu beyond 14.10 (such as 15.04) will likely have this change.
In the PPAs, the naxsi packages will be dropped with stable 1.6.1-3+precise0 +trusty0 +utopic0 and mainline 1.7.4-1+precise0 +trusty0 +utopic0 or will be dropped in later versions if a new point release is made before then.
In Debian, these changes are likely to hit by the end of the month (with 1.6.1-3).