Maybe they consider the exploit is in the wild when sending to a distro that large[0] with recipients that aren't provably trustworthy.

[0] https://oss-security.openwall.org/wiki/mailing-lists/distros