I'm sure many serious flaws in many free programs have been around for a long time, some flaws longer than this flaw. But free software advocates make no guarantees you'll get secure code. If you'd like that guarantee perhaps you can purchase a programmer's time to get that; perhaps you should have hired a programmer to inspect this code on your behalf, looking for security issues, raising them upstream, and fixing them for you (software freedom gives you these options as I mentioned before). Your objection really stems from your belief that open source and free software are discussing the issue starting from the same underlying philosophy.
The philosophies are not the same therefore the two movements arrive at different conclusions: Structurally speaking, programmers know that malware can be easily hidden in proprietary programs yet it's rare to find malware in free software for the same reason—those who forbid users from inspecting, sharing, and modifying source code can more easily sneak malware into the code. Focusing on price and technical issues (such as features, speed, and reliability) isn't bad but doesn't go nearly far enough. More and more users understand that society needs more than framing the debate around a developmental methodology as the open source movement does. So, the more one values catching bad code early (as we all, rightly, do) the more everyone should value software freedom for its own sake. Software freedom lets us increase the odds for using better code by treating computer users respectfully through granting and securing our permission to inspect, share, and modify that free code. All computer users deserve software freedom.