Making WordPress.org

Opened 5 months ago

Last modified 5 months ago

#8020 new enhancement

Cease support for 4.1 - 4.6

Reported by: johnbillion
Owned by:
Milestone:
Priority: normal
Component: API
Keywords:
Cc:

Description

Security updates will cease for WordPress versions 4.1 through 4.6 when 6.8.2 is released in July.

What meta changes need to be made, if any?

Change History (2)

#1 @johnbillion
5 months ago

  • Type changed from defect (bug) to enhancement

#2 @dd32
5 months ago

AFAIK there are only two things that need to be done, and both are about https://api.wordpress.org/core/stable-check/1.0/

  1. When 6.8.2 is released, if the latest releases in 4.1-4.6 are deemed "secure" still (i.e. outdated, not insecure), that the versions remain in wporg_get_secure_versions().
  2. When the 4.1-4.6 releases are deemed insecure (i.e. they're no longer outdated, they're now insecure as well) they be removed entirely from wporg_get_secure_versions() and moved to wporg_get_version_equivalents().

This is done as part of the version.php bumps during the core release process.

The question at hand is whether, at the time of these last releases for those branches, they're considered outdated or insecure. I don't perfectly recall what happened for the 3.7-4.0 branches, I believe once the last release in the branches was made, 1 above was applied, and once a security release in the 4.1 branch was made, 2 was applied.

It's up to the security team if we follow that 1-2 approach, or if we do 1+2 at the 6.8.2 release time and consider these old branches immediately insecure. (This is partially my vote, just to get the changes made, due to the very low number of end-users this would affect, and it would mean security scanners would start alerting sooner, before these old sites were in fact insecure.)

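The sketch below is an added example, not part of the ticket and not WordPress.org code. It models how a scanner that consumes a stable-check style `{version: status}` map would see step 1 versus step 2 from comment #2. Assumptions: the status rule (newest release is `latest`, other releases still in the secure list are `outdated`, anything else is `insecure`), the `x.y.99` version numbers, and the site names are all constructed, and `wporg_get_version_equivalents()` is not modelled.

```python
# Added example (not WordPress.org code). Versions, sites and the status
# derivation below are constructed assumptions for illustration.

def branch(version):
    """'4.6.99' -> (4, 6): the major.minor branch a release belongs to."""
    return tuple(int(p) for p in version.split(".")[:2])

def stable_check(releases, secure, latest):
    """Build a {version: status} map shaped like the stable-check response.
    Assumed rule: newest release is 'latest', other releases still in the
    secure list are 'outdated', everything else is 'insecure'."""
    return {v: "latest" if v == latest else
               "outdated" if v in secure else "insecure"
            for v in releases}

def drop_branches(secure, first, last):
    """Step 2: remove every release in branches first..last from the list."""
    return {v for v in secure
            if not branch(first) <= branch(v) <= branch(last)}

def triage(inventory, status):
    """Map each site to a status; a version missing from the response is
    treated as 'insecure' (this scanner's fail-closed choice)."""
    return {site: status.get(ver, "insecure")
            for site, ver in inventory.items()}

def newly_flagged(inventory, before, after):
    """Sites that only start alerting as insecure once step 2 is applied."""
    old, new = triage(inventory, before), triage(inventory, after)
    return sorted(s for s in inventory
                  if new[s] == "insecure" and old[s] != "insecure")

# Constructed data: x.y.99 stands for "final release of branch x.y".
RELEASES = ["4.0.99", "4.1.99", "4.6.99", "4.7.99", "6.8.2"]
SECURE = {"4.1.99", "4.6.99", "4.7.99", "6.8.2"}
INVENTORY = {"blog.example": "4.6.99", "shop.example": "4.7.99",
             "intranet.example": "4.3.50"}

STEP1 = stable_check(RELEASES, SECURE, "6.8.2")
STEP2 = stable_check(RELEASES, drop_branches(SECURE, "4.1", "4.6"), "6.8.2")

if __name__ == "__main__":
    for site, ver in INVENTORY.items():
        print(site, ver, triage(INVENTORY, STEP1)[site], "->",
              triage(INVENTORY, STEP2)[site])
    print("newly flagged after step 2:", newly_flagged(INVENTORY, STEP1, STEP2))
```

Running the same comparison against an asset inventory before a status change shows which sites will move from an "outdated" notice to an "insecure" alert.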