If you package software for a distro, you have some responsibility for reviewing what you publish.
If you distribute an update that has malware, that is you publishing malware.
If you package software for a distro, you have some responsibility for reviewing what you publish.
If you distribute an update that has malware, that is you publishing malware.