RFC: move <0.10.3 and <0.11.1 to 'insecure' directory

[laanwj]

The executables for these version should under no conditions be used anymore, they are a liability. May be even better to delete them, but moving them to an explicitly warning path is a good step.

Note: the source tarballs should be retained and stay in the current path.

[jonasschnelli]

Agree with @laanwj. Maybe even add (in addition the the insecure path) a INSECURE-bitcoin-0.11.1-osx-signed.dmg (a.s.o.). So people downloading through a link will also notice when looking at the filename itself.

[harding]

Moving them to an insecure directory sounds like a good solution to me (although I'm fine with removing them too). I suggest a short README.txt for the insecure directory that says something like:

The releases in this directory contain known security flaws and should not be used. Information about some known flaws can be found at the following links:

• (<0.10.3 & <0.11.1) UPnP vulnerability: https://bitcoin.org/en/alert/2015-10-12-upnp-vulnerability

If you have any questions, please feel free to ask for help: https://bitcoin.org/en/bitcoin-core/help

[jrmithdobbs]

Seems they should be untagged in git (I haven't looked at build stuff in like 2 years do they even get tagged?) and deleted for safety to me.

[saivann]

I think I applied all required changes, please feel free to take a look if you see something wrong (e.g. 0.8.* and 0.9.* had to be moved to insecure/ right, not just the 0.10.* releases?)

On prefixing all files with INSECURE-, not a bad idea, I'll let others, especially Wladimir, comment if they think it's worth it, or if there is any reason not to do this.

[saivann]

Closing the issue as I believe it has been addressed, but please leave a comment if you find anything that needs fixing. Thanks!