The thing is that upgrades cost
money. Evince is a component of the Gnome Desktop Environment. You start updating Evince and then you have to upgrade some Gnome libraries to satisfy the dependencies. Then there becomes a risk that the desktop environment becomes unstable or, worse, that it adds/subtracts/changes some features that break some custom application you have developed in house, or requires you to retrain your staff of 1,000 people to accommodate these new features. Then you need to hire a Red Hat admin for lots of $$$ to fix the problem! It's like taking your 2010-model car in for an oil change and they move the controls around on the dash because "we thought you might like the new features of the 2012 model" and now you can't figure out how to work the wiper blades.
Or, another way Red Hat could potentially run their business is that RHEL6 can continue to use the same Evince and the same Gnome Deskop Environment that it has used since it was released in 2010 and will use until it reaches "end of life" in 2020. You support the same software for 10 years so your customers get to know it very well and come to depend on it. Customers can evaluate this software free 30 days to see if it will meet their needs, and if it doesn't, they can either a) find a different product; or b) figure out how to install the updated application, but if it does meet their needs, then they can be confident it will continue to meet their needs for its full lifespan because there will be no unexpected changes to its functionality that will cost
time and money for the customer.
https://access.redhat.com/security/updates/backporting/
Now as for CentOS's role in all this... CentOS "claim to fame" is "we are binary compatible with RHEL." People use CentOS as a free alternative to RHEL. But if CentOS decides to add their own upgrades and additional features that deviate from RHEL, "we are sort of compatible with RHEL, it might work or it might not work," then CentOS becomes just another distro, businesses cannot choose CentOS with confidence as a reliable RHEL substitute.