OG 7.x-1.5 site now showing security warning update!

I also have this problem. According to the security notice, the update only applies to 7.x-2.x, not 7.x-1.x:

Versions affected
OG 7.x-2.x versions prior to 7.x-2.3.

Same here. I'm running a 7.x-1.x version and was quite confused because of the message. Actually, I was asking myself if 7.x-1.x needs an update but will not supported with security updates any more. Only later I saw that the update is actually related to a 7.x-2.x. version.

So, why is there the warning for 7.x-1.x users? Is that related to the update manager, or to OG?

There is a security issue with 7.x-1.x of OG. The solution to the issue is to update to 2.x. Please read the directions on how to do that, as it requires using the migrate module.

For more information, please see https://drupal.org/node/2059765

Thanks for the clarification but as pointed out in #1, the linked security notice mentions only OG 7.x-2.x versions as affected. Reading the notice, it remains unclear if I should upgrade to 7.x-2.x. Is there a separate issue corresponding to OG 7.x-1.x versions? And/or is there some information why OG 7.x-1.x is no longer supported with security updates?

Indeed, and such requirement should not be taken lightly as an upgrade from version 1.x to 2.x can prove to be a lengthy task.

The 1.x release of OG is not supported. You should think of it as insecure. If there are security issues with it, they would not be fixed.