Also, I am interested by the strong reaction to this exploitation of the #OpenSource supply chain. Yes, it shows a weakness in trust and the maintainer model. There are big questions to answer. What if this was not stopped as early, or if it breached #EnterpriseLinux?
Yet at the same time, the most practical way this could have been discovered is the #FreeSoftware way. Someone was literally performance testing a PostgreSQL database, saw something weird, and shared their discovery with others.