
Should security disclosure page maybe mention rustsec? #1712

Open

Description

What needs to be fixed?

First of all: I do not have a vulnerability to report, I was just poking around crates.io and happened to notice that https://crates.io/crates/dwarf didn't have a nice warning box pointing out that the author has abandoned that project in favor of gimli (see https://github.com/philipc/rust-dwarf#readme for the notice, it's at the very beginning of the README), and thought "wasn't there a security tracking database that ought to have an entry about this?", so started clicking links until I found myself at https://www.rust-lang.org/policies/security ... but that clearly was not what I wanted, because I'm not trying to report some hidden vulnerability, just add a publicly posted deprecation to a database ...

Anyway, I was actually looking for rustsec.org and their database.

Page(s) Affected

https://www.rust-lang.org/policies/security

Suggested Improvement

Link to rustsec; describe when it's okay to report things in public and when to report them to security@.

Labels

- A-Content: The written content on the website.
- C-Bug: Something isn't working.
