A few relevant quotes

I'm on a holiday and only happened to look at my emails and it
seems to be a major mess.

— Lasse Collin

The reality that we are struggling with is that the free software
infrastructure on which much of computing runs is massively and
painfully underfunded by society as a whole, and is almost entirely
dependent on random people maintaining things in their free time
because they find it fun, many of whom are close to burnout. This
is, in many ways, the true root cause of this entire event.

— Russ Allbery

Incredible work from Andres. The attackers made a serious
strategic mistake: they made PostgreSQL slightly slower.

— Thomas
Munro

There is no way to discuss this in public without turning a single
malicious entity into 10 000 malicious entities once the
information is widely known.

Making sure the impact and mitigations are known before posting
this publicly so that everyone knows what to do before the 10 000
malicious entities start attacking is just common sense.

— Marc
Deslauriers

Again the FOSS world has proven to be vigilant and proactive in
finding bugs and backdoors, IMHO. The level of transparency is
stellar, especially compared to proprietary software
companies. What the FOSS world has accomplished in 24 hours after
detection of the backdoor code in #xz deserves a moment of
humbleness. Instead we have flamewars and armchair experts shouting
that we must change everything NOW. Which would introduce even more
risks. Progress is made iteratively. Learn, adapt, repeat.

— Jan Wildeboer