Your first comment says "Stable does receive updates that address bugs and security issues."
But your quote about stable says "most packages will only get security updates".
So assuming their bug fix isn't security-relevant, it sounds like their original complaint is valid? I don't see how it's "grossly misstating" how stable works.
Backports are useful but the default is that the user is on the buggy stable version.
In practice, Debian stable gets bugfixes. I included (and quoted) the Debian FAQ on this matter largely so that I wasn't simply arguing by assertion.
See for example the Debian 12.10 release notes. This is an update to the Debian Stable v.12 release:
The Debian project is pleased to announce the tenth update of its stable distribution Debian 12 (codename "bookworm"). This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available.
Strong emphasis on "mainly adds corrections", but "along with a few adjustments for serious problems."
That is, in practice, Debian stable receives both security and bugfix updates.
You and other readers are strongly encouraged to look through Debian sources (release notes, Policy, Constitution, and individual package updates within stable repos) to verify other questions before posting further concerns here.
But your quote about stable says "most packages will only get security updates".
So assuming their bug fix isn't security-relevant, it sounds like their original complaint is valid? I don't see how it's "grossly misstating" how stable works.
Backports are useful but the default is that the user is on the buggy stable version.