Jenkins is committed to remain backwards compatible. In the case of plugins detached from core, this means shipping with the plugins, because otherwise the upgrade experience from a version when it was a core feature will be horrible. In the case of LDAP plugin, it only was detached in 1.466, not even two years ago.
the version bundled with Jenkins is old and buggy
You mean unlike 1.10 and 1.10.1, released not even a week ago, which both contained serious bugs? Note that occasionally, bundled plugin versions are updated. I guess the approach there is safety over being up-to-date (if you use Subversion Plugin, you know what I mean!). If this is a concern for you, it's trivial to create a pull request that changes the bundled version (here's the relevant file).
One possibility would be to only extract bundled plugins if there's already a JENKINS_HOME with e.g. global config.xml that indicates a version older than when it was detached. But that should probably be covered in the context of JENKINS-9598.
I recommend this should be resolved again.
I believe there has been steady progress on moving components from core to plugins. However, there is also a commitment to backwards compatibility which is maintained and on which many Jenkins users depend. I don't know all the details of the progress in moving components from core to plugins, but I've been the grateful beneficiary of the compatibility work which has kept me running Jenkins for many years.
Could you reassign this to the Jenkins core project, rather than assigning it to the jenkow-plugin? I don't think it has any relationship to the jenkow-plugin.