Add security policy, as requested by GitHub.

commit: 99e54f56bd671ec3a252e44ea1386fec80098931 [log] [tgz]
author: Dieter Baron <dillo@nih.at> Tue Sep 28 12:39:22 2021 +0200
committer: GitHub <noreply@github.com> Tue Sep 28 12:39:22 2021 +0200
tree: 38e775399b285cd9c7de584e68e27714c933d3af
parent: 4b856d81394686c999b67def50ebdde582a57b2b [diff]
diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..f92ad75
--- /dev/null
+++ b/SECURITY.md

@@ -0,0 +1,13 @@
+# Security Policy
+
+## Supported Versions
+
+We are not maintaining multiple branches, so all fixes will be committed to head and included in the next release.
+
+We take great care to maintain backwards compatibility, so we expect our users to use the latest version.
+
+## Reporting a Vulnerability
+
+You can reach us per email at libzip@nih.at. 
+
+For less sensitive reports, you can also open an issue or pull request on GitHub.
commit	99e54f56bd671ec3a252e44ea1386fec80098931	[log] [tgz]
author	Dieter Baron <dillo@nih.at>	Tue Sep 28 12:39:22 2021 +0200
committer	GitHub <noreply@github.com>	Tue Sep 28 12:39:22 2021 +0200
tree	38e775399b285cd9c7de584e68e27714c933d3af
parent	4b856d81394686c999b67def50ebdde582a57b2b [diff]