[SECURITY] Drop MD5 signatures from release artifacts; sign _all_ artifacts
Mirth Connect releases hosted at e.g. https://mirthdownloadarchive.s3.amazonaws.com/index.html?prefix=connect/4.0.1.b293/ provide sha256 and md5 hashes. I recommend removing all the old MD5 hashes, re-computing any hashes missing from old releases and publishing them.
Also, only the CLI packages have signatures and not the server packages.
Finally, the signatures aren't linked from the downloads page; you have to go through the "Archived downloads..." link and then pick a release. Adding a link to the signatures directly to the download page will encourage people to actually use them.
Why remove the MD5 hashes? They can't be relied upon to provide adequate tamper-resistance. Their use should be actively discouraged, which is why I'm requesting that the old hashes be actively removed and replaced with modern hashes. There is no technical barrier to computing new hashes on the old artifacts.
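A release-directory audit covering the three requests in this issue (drop MD5, publish missing SHA-256 hashes, sign every artifact), as an added example that is not part of the original issue or the Mirth Connect project. The `audit_release` function and the sidecar naming (`<artifact>.md5`, `<artifact>.sha256`, `<artifact>.asc`) are assumptions, not the archive's actual layout.

```python
import hashlib
from pathlib import Path

# Assumed sidecar naming (hypothetical, not taken from the real archive).
SIDECARS = (".sha256", ".md5", ".asc")


def sha256_file(path, chunk=1 << 20):
    """Stream the file so large installers are not loaded into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def audit_release(release_dir, fix=False):
    """Return {artifact name: [issues]} for one release directory.

    With fix=True, .md5 sidecars are deleted and missing .sha256 sidecars
    are written. A mismatching .sha256 is only reported, never overwritten:
    it may mean the artifact changed after publication and needs review.
    Missing signatures are only reported, since signing needs the release key.
    """
    report = {}
    artifacts = sorted(p for p in Path(release_dir).iterdir()
                       if p.is_file() and p.suffix not in SIDECARS)
    for artifact in artifacts:
        issues = []
        md5 = artifact.with_name(artifact.name + ".md5")
        sha = artifact.with_name(artifact.name + ".sha256")
        sig = artifact.with_name(artifact.name + ".asc")
        actual = sha256_file(artifact)
        if md5.exists():
            issues.append("md5-present")
            if fix:
                md5.unlink()
        if not sha.exists():
            issues.append("sha256-missing")
            if fix:
                # Same "<hex>  <name>" layout that `sha256sum -c` reads.
                sha.write_text(f"{actual}  {artifact.name}\n")
        elif (sha.read_text().split() or [""])[0].lower() != actual:
            issues.append("sha256-mismatch")
        if not sig.exists():
            issues.append("unsigned")
        report[artifact.name] = issues
    return report
```

The returned report describes the directory as it was before any fix was applied, so a second run shows what still needs manual work, such as unsigned artifacts.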