I agree with Luk that it would be good to have a clear, user-communicatable policy for what goes in stable, volatile, and backports, and how users can use them.
However, despite such a general approach, flashplugin-nonfree is quite a special case, since it's one of very few installer packages that download a program from a third party. Also, there's a lot of room for variation in how such packages work, as we can see in googleearth-package that handles things in an entirely different way. I'm glad this bug was downgraded, because at least now a current version of flashplugin-nonfree is available to testing users with a security upgrade path. -- see shy jo
signature.asc
Description: Digital signature
