.github: Create Github security policy document This document will show up when a viewer selects the "Security" tab, and selects the "Security Policy". It has a brief introduction, and directs to the official documentation of the security policy. Signed-off-by: David Brown <david.brown@linaro.org>

commit: 911ba334a06ac55e28856e49a694083974196f8c [log] [tgz]
author: David Brown <david.brown@linaro.org> Thu Mar 18 14:41:27 2021 -0600
committer: Anas Nashif <anas.nashif@intel.com> Sat Mar 20 06:06:57 2021 -0400
tree: 60b8e8386d8f628fcac76514b92fca5175fde146
parent: f9a0e20432818308bead889fece60869337a32cb [diff] [blame]
diff --git a/.github/SECURITY.md b/.github/SECURITY.md
new file mode 100644
index 0000000..024b09c
--- /dev/null
+++ b/.github/SECURITY.md

@@ -0,0 +1,22 @@
+# Security Policy
+
+## Supported versions
+
+The Zephyr project supports the following versions with security
+updates:
+
+  - The most recent release, and the release prior to that.
+  - Active LTS releases.
+
+At this time, with the latest release of v2.5.0, the supported
+versions are:
+
+  - 1.14.x: Current LTS
+  - v2.4.0: Prior release
+  - v2.5.0: Current release
+
+## Reporting process
+
+Please see our [Security Vulnerability
+Reporting](https://docs.zephyrproject.org/latest/security/reporting.html)
+page for details on the process.
commit	911ba334a06ac55e28856e49a694083974196f8c	[log] [tgz]
author	David Brown <david.brown@linaro.org>	Thu Mar 18 14:41:27 2021 -0600
committer	Anas Nashif <anas.nashif@intel.com>	Sat Mar 20 06:06:57 2021 -0400
tree	60b8e8386d8f628fcac76514b92fca5175fde146
parent	f9a0e20432818308bead889fece60869337a32cb [diff] [blame]