Every time there's a CVE affecting some fundamental part of modern computing that Rust provides a dot-release for, it seems multiple publications find out first from the Rust blog and publish titles implying that Rust is the only affected thing. It's not only mildly annoying hearing the echos of "har, har, I thought it was 'safe'", it does a complete disservice to anyone that doesn't use Rust because they won't find out they have to update or mitigate the issue too!
