SECURITY.md: Add instructions for reporting security issues

Fixes Issues like https://github.com/agherzan/meta-raspberrypi/pull/1390#issuecomment-2522661895 Signed-off-by: Khem Raj <raj.khem@gmail.com>
2025-07-04 20:54:46 +02:00 · 2024-12-06 11:14:34 -08:00 · 2024-12-06 11:14:34 -08:00 · a2f8a64bc6
commit a2f8a64bc6
parent 57fa41ae95
1 changed files with 20 additions and 0 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,20 @@
+How to Report a Potential Vulnerability?
+========================================
+
+If you would like to report a public issue (for example, one with a released
+CVE number), please report it via GitHub issues:
+
+  https://github.com/agherzan/meta-raspberrypi/issues/new/choose
+
+If you are dealing with a not-yet released or urgent issue, please send a
+message to one of the maintainers listed in the [README.md](https://github.com/agherzan/meta-raspberrypi/blob/master/README.md).  Include as many
+details as possible:
+  - the layer or software module affected
+  - the recipe and its version
+  - any example code, if available
+
+Branches maintained with security fixes
+---------------------------------------
+
+See https://wiki.yoctoproject.org/wiki/Releases for the list of current
+releases.  We only accept patches for the LTS releases and the master branch.