On Wed, Nov 09, 2016 at 07:14:45PM +0100, W. Martin Borgert wrote: > If users of testing or unstable have the malware installed now and > the package gets removed from the archive, users are left with the > malware, right? yes > That's why I thought about uploading an empty package to unstable, yes, of course. > it should be released with stretch, but can be safely removed later. i'm not sure about the releasing with stretch part. Maybe it would be better to have the updated, empty package in stretch in 5plusX days and then remove it before the release, say on January 1st. -- cheers, Holger
Attachment:
signature.asc
Description: Digital signature