Does a vulnerability that has been there since that long really deserve such a rushed release?

I mean, you could have gone through the classic release procedure with tags/branches etc and maybe delay the release for 2-3 days. Would it really have changed something in that case?

I don't understand why this particular security issue was treated that dramatically, but maybe I'm missing something.

Philippe