Such incidents should be finger-pointed. Not long ago there was a similar case in libpng (i think, some lib for graphics anyway). The problem was braindead code which had a buffer overflows. As a consequence if your web browser used that library, downloading and displaying an image from the internet could execute code on your computer!
At the time I thought this was intentional and that the person who wrote that library was a script kiddie who wanted a backdoor. Such cases should be punished imo. Finger-pointing and blacklisting is fair for such stupendous code. The people who write it should not be trusted for some years.