no, that's a strawman, not my question. once more: why is it bogus to prioritize known security fixes (over others)? or better, in light of your last post: why does it give anyone a false sense of security? why would anyone feel secure by applying known security fixes but not others? why would anyone believe that other fixes definitely have no security impact? why do you think the people maintaining distro and other kernels are stupid?
summary: your problem is, as was explained back in july or so, that you're living in a black&white world (pretty ironic from someone who called the closed world model bogus ;). real life ain't anything like that. in real life people manage risks and often take them - it's not up to you or anyone else to make that call for them.
last but not least: you can't have that hypothetical git branch because that's only possible in a closed world model which according to you is bogus. nor can you have assurance that your supposed fixes don't introduce more problems which is what actually happens in real life at times (witness the frequent reverts). so no, i still don't see what you're trying to say but i'm beginning to feel that i'm up against an armchair security expert turned kernel programmer with no real life experience in either matter and i've seen that where that leads.