V8.02.512.2025.05.30

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

SECURITY.md

@@ -0,0 +1,23 @@
+# Security Policy
+
+## Reporting vulnerabilities
+
+Please send your vulnerability reports to `security@coresecret.eu`
+
+To make sure that your report reaches me, please:
+
+Include the words `CISS.debian.live.builder` and `vulnerability` to the subject line as well as a short description of the vulnerability.
+
+Make sure that the message body contains a clear description of the vulnerability.
+
+If you have not received a reply to your email within seven days, please make sure to follow up with me again at `security@coresecret.eu`
+
+Once again, make sure that the word `vulnerability` is in the subject line.
+
+My security policy is available at:
+
+[https://coresecret.eu/security-policy/](https://coresecret.eu/security-policy/)
+
+---
+**[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)**
+<!-- vim: set number et ts=2 sw=2 sts=2 ai tw=128 ft=markdown -->