Create SECURITY.md

GitHub now recommends that each repository contains a SECURITY.md file (per https://docs.github.com/en/code-security/getting-started/adding-a-security-policy-to-your-repository)
MapServer · Jul 30, 2021 · dab9991 · dab9991 · jmckenna · Jul 30, 2021
1 parent 1eaf763
commit dab9991
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,21 @@
+# MapServer Security Policy
+
+## Reporting a Vulnerability in MapServer
+
+Security/vulnerability reports should not be submitted through GitHub tickets or the public mailing lists, but instead please send your report 
+to the email address: **mapserver-security nospam @ osgeo.org** (remove the blanks and ‘nospam’).  
+
+Please follow the general guidelines for bug 
+submissions, when describing the vulnerability (see https://mapserver.org/development/bugs.html).
+
+## Supported Versions
+
+The MapServer PSC (Project Steering Committee) will release patches for security vulnerabilities for the following versions:
+
+| Version | Supported          |
+| ------- | ------------------ |
+| 7.6.x   | :white_check_mark: |
+| 7.4.x   | :white_check_mark: |
+| 7.2.x   | :white_check_mark: |
+| 7.0.x   | :white_check_mark: |
+| < 7.0   | :x:                |