That's not an advantage for the Pentagon - it doesn't even apply: their version is unaffected. And it's not an advantage for anyone else, either - it makes them more vulnerable to Russian and Chinese hackers, instead. And the Russians would prefer that other people have the backdoors, likewise the Chinese - they're useful for hacking. So they won't tell. So it has no Open Source advantage. Nothing is presented here as an evil conspiracy of Russian and Chinese hackers. So you have no reason to yammer on about that, or even bring it up - this is between HP, the American citizenry, and the American government.