If you read this (from Linux kernel link provided):
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
It's kind of splitting hairs to say they don't require CLA, "it's a Certificate of Origin". It's essentially accomplishing the same goal. The developer is agreeing that the patch belongs to the project and may be redistributed indefinitely.
I'm not particularly concerned one way or the other. If any evil person or company tries to convert a useful OSS project into a pay-for software (or do other disruptive things), the community is going to fork the project and move on, e.g. LibreOffice, MariaDB, etc.
However, almost all major OSS projects have some type of language in an Agreement, no matter the name it's refereed to, that the submissions belong to the project with redistribution rights indefinitely. The linux kernel goes the furthest (which I would not recommend for this project) as to require an assertion with each patch submission. Any OSS license essentially provides similar requirements, yet these projects are still requiring this or a similar assertion.
Again, I'm not particularly concerned one way or the other.
David