Instead of running around like headless chooks because a widely used piece of open source software is maintained by volunteers and has a massive hole in it, imagine paying someone to look after such software properly.
Article Link: For security alone, we could try paying open source projects properly | ZDNet