Adds a "SECURITY" file which will list our security bugfixes.

Signed-off-by: Vincent Zanotti <vincent.zanotti@m4x.org>

diff --git a/SECURITY b/SECURITY
new file mode 100644 (file)
index 0000000..47f39de
--- /dev/null
+++ b/SECURITY
@@ -0,0 +1,15 @@
+# List of security fixes that have been committed to the "core" branch.
+# This list is used to programmatically determine if a checkout of plat/al has
+# known vulnerabilities (which is useful for automatically disabling an unused
+# and unsafe checkout).
+#
+# In order to guarantee that only patched checkouts do have an updated SECURITY
+# file, updates of this file should be done within the same sommit that actually
+# fixes the security issue. Since the commit id is not known yet, it can be
+# replaced by '00000000', and updated later.
+#
+# Format: <date> <commit id> <commit description>
+# The commit id should refer to the id in the "core" branch, if the initial
+# commit in a version branch had another name.
+
+# Hurray! No security holes have been found yet :)