tialaramex may not have been very articulate, and may have ben more curt than courteous, but I think was trying to make a helpful point (which I hope you won't yourself completely ignore, if I can explain it better).
There is quite a distance from Linus words that you now quote (expressing a belief that explicit changelog entries lead to more attacks by relatively casual attackers such as curious university students) to if we don't tell the bad guys about the bugs, they'll never find them.
It is helpful to look into the costs and benefits of various approaches to drawing attention to security flaws. It is helpful to point to this as one data point towards establishing to what extent the current approach to changelog entries is effective in reducing attacks. (Of course one data point isn't enough to show that it doesn't reduce attacks, but does give some information.)
Whereas misrepresenting someone's position in such a way as to give the false impression of having disproven their position (straw man tactics) is not helpful, and is both harmful to establishing the right answer to the question under consideration, and is also objectionable to the person being misquoted (as tialaramex tried to demonstrate with a fairly extreme example of misquoting).
I understand that you may not have intended to apply a straw-man approach, but the effect is the same. So the point is, be careful in representation or attributing quotation to someone.
I hope you find this not a worthless reply, when explained more carefully.