> the kernel developers and stable team have decided not to try and judge
> which patches are security fixes and which are merely bugfixes.
you're wrong. they didn't have that decision to make to begin with because they're simply not qualified to make such judgement calls due to lack of expertise. what you wanted to say is that they decided to not share what others tell them about security bugs. we call that a coverup in other areas of life.
> They believe that if they did so, people would only apply the fixes
> marked as security
and they have presented exactly zero evidence for such a belief. not to mention that it's outright insulting to assume that people would be that dumb.
> in addition, they are tired of being harassed about the issue, so now
> they make a point not to call out particular fixes as being security
they are tired of being held accountable for their treatment of security bugs. something proprietary vendors have also had to learn, mind you but they at least did. their reaction is nothing short of 'punishment' of their own userbase, a rather childish attitude at that.