Call the document a "Security Policy" to disambiguate it from the
security *process* documented in the security page. Also, point to the
security page for bug reporting and CVE assignment.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Move content from the Security Process[1] and Security Exceptions[2]
wiki documents into the repository so that it is in a standard place for
analysis tools to look for the glibc security policy.
This is a more or less verbatim port of the wiki document with some
restructuring for a more coherent layout since the two pages are now
merged. There should be no change in messaging in this commit.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>