Yes I also think that bugs in a Rust replacement will receive more attention than other bugs. Why?
- the cult-like evangelism from the Rust community that everything written in Rust would be better
- the general notion, that rewriting tools should bring clear an tangible benefits. Rewriting something mostly because the new language is safer will provoke irritation and frustration with affected end-users when the end product turns out to introduce new issues
Somebody linked a comment from an Ubuntu maintainer where they said they want more resilient tools.
If license was the only concern then I'd think that they wouldn't switch the programming language?
And yeah, obviously using Rust will not eliminate all CVEs. It does eliminate buffer overflows and underflows though. Not a small thing.
Also I would not uncritically accept the code of the previous coreutils as good. It got the job done (and has memory safety problems here and there). But is it really good? We can't know for sure.
- the cult-like evangelism from the Rust community that everything written in Rust would be better
- the general notion, that rewriting tools should bring clear an tangible benefits. Rewriting something mostly because the new language is safer will provoke irritation and frustration with affected end-users when the end product turns out to introduce new issues