Add SECURITY.md

[Fenrirthviti]

Description

Add a SECURITY.md template to the repo that follows what we're actually accepting security requests on. Currently, this only includes RCEs, but may be updated before merge or at a later date to include others.

Motivation and Context

Tired of the low-effort and LLM-generated PRs to try and add one.

How Has This Been Tested?

👁️

Types of changes

• Documentation (a change to documentation pages)

Checklist:

• My code has been run through clang-format.
• I have read the contributing document.
• My code is not on the master branch.
• The code has been tested.
• All commit messages are properly formatted and commits squashed where appropriate.
• I have included updates to all appropriate documentation.

[Fenrirthviti]

Fixed a few other typos, and updated the resolution time to 120 days to more closely align with our release cadence.

[namoen0301]

please add a PGP public key, Some security researchers submit their vulnerability report after encrypting with PGP.

[Fenrirthviti]

We can consider adding a PGP key in the future, but we do not have compatible infrastructure (gsuite) for it at the moment.