if you don't want to only apply security fixes to get a secure system, why do you need the big red flag that a patch is a security fix? if you are applying all bugfixes then you will get the security fixes along with everything else.
as for the reason to not call it out, to give the good guys a chance to apply fixes before the bad guys are writing exploit code.
if it's called out as specificly being a security fix then the bad guys can start work immediatly on producing an exploit, they don't have to examine the fix to see if it is a security fix or not. yes, this is a bit of security by obscurity, but obscurity by itself isn't a bad thing, it's only when you depend on it for your only defense that it becomes a disaster.