The kernel version was incremented due to kernel fixes (https://support.apple.com/en-us/HT207423). The Filevault vulnerability was fixed in 10.12.2 with a firmware update, part of the incremental update.

Yes, even if you install the December 2016 security update for 10.11.6; only 10.12.2 is protected against this Filevault vuln.

Are you planning to backport the fix? It would be very disappointing if a serious security problem like this would be left unaddressed. Not all of us can or want to switch to the latest major within months after its release.