mbedtls/SECURITY.md

## Reporting Vulneratibilities

If you think you have found an Mbed TLS security vulnerability, then please
send an email to the security team at
<mbed-tls-security@lists.trustedfirmware.org>.

## Security Incident Handling Process

Our security process is detailled in our [security
center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).

Its primary goal is to ensure fixes are ready to be deployed when the issue
goes public.

## Maintained branches

Only the maintained branches, as listed in BRANCHES.md, get security fixes.
Users are urged to always use the latest version of a maintained branch.
Add SECURITY.md There was no mention of our security email address, nor of our security process, in the repo, which made them hard to discover for contributors. Also, this filename is recognized by github: https://docs.github.com/en/github/managing-security-vulnerabilities/adding-a-security-policy-to-your-repository Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com> 2021-02-25 10:41:38 +00:00			`## Reporting Vulneratibilities`

			`If you think you have found an Mbed TLS security vulnerability, then please`
			`send an email to the security team at`
			`<mbed-tls-security@lists.trustedfirmware.org>.`

			`## Security Incident Handling Process`

			`Our security process is detailled in our [security`
			`center](https://developer.trustedfirmware.org/w/mbed-tls/security-center/).`

			`Its primary goal is to ensure fixes are ready to be deployed when the issue`
			`goes public.`

			`## Maintained branches`

			`Only the maintained branches, as listed in BRANCHES.md, get security fixes.`
			`Users are urged to always use the latest version of a maintained branch.`