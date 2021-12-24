It's a good open source project. It just had a vulnerability that someone found. This is how open source works. There are going to be vulnerabilities in stuff. Since the source code is open, when the fix is committed others are going to notice the change and realize it's a security fix. Inevitably that results in the upgrade wave that we're seeing right now. No amount of government involvement is going to change the reality of what happens when one of these vulnerabilities is discovered. If the government wants to do anything useful, fund an OS bug bounty program for popular open source projects that the government relies upon.

